ROSAENG-1466 : Enabled boilerplate for ocm agent

[rpodishe]

Enable openshift/osd-container-image boilerplate convention for ocm-agent base image, aligning the repo with the standard build workflow used by configuration-anomaly-detection.

Changes

• Added openshift/osd-container-image to boilerplate/update.cfg
• Ran make boilerplate-update to install convention files
• Added IMAGE_NAME=ocm-agent to Makefile
• Replaced custom build/push targets (build-image, build-push, skopeo-push, push-base) with boilerplate-provided osd-container-image-build, osd-container-image-push
• Updated build/Dockerfile base image from boilerplate:image-v8.3.4 to image-v8.3.6
• Deleted build/build_push.sh (replaced by boilerplate's app-sre-build-push.sh)
• Updated docs/development.md and CLAUDE.md with new build commands

Verification

• make boilerplate-update - passed
• go vet ./... - passed
• Unit tests - all passed
• make e2e-binary-build - passed
• make osd-container-image-build - image built successfully
• E2E suite passed

Summary by CodeRabbit

• Chores

  • Updated container image build infrastructure and streamlined the build process by removing legacy tooling.
  • Updated base image dependency to v8.3.6.

• Documentation

  • Updated build and deployment documentation with new container image build commands.

[coderabbitai]

Walkthrough

This PR migrates container image building from local Makefile targets to OSD-managed orchestration, updates the Boilerplate base image to v8.3.6, removes legacy build scripts, and updates team membership in OWNERS_ALIASES.

Changes

Container Image Build System Migration

Layer / File(s)	Summary
Base image and build root configuration .ci-operator.yaml, build/Dockerfile	Introduces .ci-operator.yaml with build_root_image definition pinning Boilerplate to v8.3.6, and updates build/Dockerfile to reference the same image version.
Makefile build target refactoring Makefile	Adds IMAGE_NAME=ocm-agent, removes legacy image-tagging variables (GIT_HASH, IMAGETAG, BASE_IMG, IMAGE_REGISTRY, IMAGE_REPOSITORY, IMG) and build targets (build-image, build-push, skopeo-push, push-base, build-base), and updates all target to depend on osd-container-image-build.
Documentation updates for new build process CLAUDE.md, docs/development.md	Updates build target references from make build-image, make build-push, and make skopeo-push to make osd-container-image-build, make osd-container-image-push, and make osd-container-image-build-push.

Team Membership Updates

Layer / File(s)	Summary
OWNERS_ALIASES team membership updates OWNERS_ALIASES	Updates membership for srep-functional-team-aurora, srep-functional-team-fedramp, srep-functional-team-hulk, srep-functional-team-thor, srep-infra-cicd, srep-functional-leads, srep-team-leads, and srep-architects by removing inactive members and adding new ones.

---

🎯 2 (Simple) | ⏱️ ~12 minutes

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Ote Binary Stdout Contract	❌ Error	cmd/ocm-agent/fips.go defines init() that calls fmt.Println (stdout) before tests; this breaks the OTE JSON stdout contract.	Replace fmt.Println in init() with stderr output (e.g., fmt.Fprintln(os.Stderr,...)) or redirect logging to stderr so main/init never writes to stdout.

✅ Passed checks (14 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately describes the main objective: enabling the boilerplate convention for the ocm-agent image, which is reflected across all significant changes (Makefile, build targets, Dockerfile updates, and documentation).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	Scanned 18 Ginkgo *_test.go files for It/Describe/Context/When title expressions; no non-literal titles or dynamic patterns (UUID/IP/pod/node/namespace suffixes/timestamps/durations) were found.
Test Structure And Quality	✅ Passed	PR #242 only changes .ci-operator.yaml, CLAUDE.md, Makefile, OWNERS_ALIASES, build/Dockerfile, build/build_push.sh, and docs/development.md; no Ginkgo/_test.go code to review.
Microshift Test Compatibility	✅ Passed	PR #242 only updates build/config/docs files (no *_test.go or Ginkgo e2e tests added), so there are no new MicroShift-incompatible tests to flag.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR #242 changes only CI operator YAML, Makefile/docs/OWNERS, and build/Dockerfile+scripts (no Go/Ginkgo e2e tests added), so SNO compatibility check doesn’t apply.
Topology-Aware Scheduling Compatibility	✅ Passed	Repo-wide scan for topologySpreadConstraints/anti-affinity/control-plane nodeSelector/PDB keywords found 0 matches; PR touches only CI/build files (e.g., .ci-operator.yaml, Makefile, Dockerfile).
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR #242 changes only build/infrastructure files (.ci-operator.yaml, Makefile, scripts, docs, boilerplate) and shows no new Ginkgo e2e test code/files.
No-Weak-Crypto	✅ Passed	Scanned repo for md5/sha1/DES/RC4/3DES/blowfish/ECB and found 0 matches; no bytes.Equal/hmac.Equal/subtle.ConstantTimeCompare occurrences detected.
Container-Privileges	✅ Passed	Scan of YAML/K8s templates found no privileged:true, hostPID/hostNetwork/hostIPC, SYS_ADMIN, runAsUser:0, or allowPrivilegeEscalation:true; existing e2e templates use allowPrivilegeEscalation:false...
No-Sensitive-Data-In-Logs	✅ Passed	New boilerplate targets don’t print token values: REGISTRY login is guarded with @test/@login, while QUAY creds logging in old Makefile targets is deleted; logging only prints generic messages/log...

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Line 35: Declare the Makefile target "all" as phony to avoid collisions by
adding a .PHONY declaration for the target; update the Makefile to include a
line like ".PHONY: all" (adjacent to the existing "all: test
osd-container-image-build" target) so the "all" target is always treated as a
phony target.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 4a320d81-3c6e-4e3b-ad49-d2b13e9a3f48

📥 Commits

Reviewing files that changed from the base of the PR and between 7b90da7 and f448559.

⛔ Files ignored due to path filters (12)

• boilerplate/_data/last-boilerplate-commit is excluded by !boilerplate/**
• boilerplate/_lib/subscriber-propose-update is excluded by !boilerplate/**
• boilerplate/generated-includes.mk is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/.ci-operator.yaml is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/OWNERS_ALIASES is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/README.md is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/app-sre-build-push.sh is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/dependabot.yml is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/prow-config is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/standard.mk is excluded by !boilerplate/**
• boilerplate/openshift/osd-container-image/update is excluded by !boilerplate/**
• boilerplate/update.cfg is excluded by !boilerplate/**

📒 Files selected for processing (7)

• .ci-operator.yaml
• CLAUDE.md
• Makefile
• OWNERS_ALIASES
• build/Dockerfile
• build/build_push.sh
• docs/development.md

💤 Files with no reviewable changes (1)

• build/build_push.sh

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.67%. Comparing base (7b90da7) to head (f448559).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #242   +/-   ##
=======================================
  Coverage   55.67%   55.67%           
=======================================
  Files          23       23           
  Lines        1895     1895           
=======================================
  Hits         1055     1055           
  Misses        785      785           
  Partials       55       55           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[TheUndeadKing]

/lgtm
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rpodishe, TheUndeadKing

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [TheUndeadKing]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@rpodishe: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.