Skip to content

CNTRLPLANE-2522: features: add ExternalOIDCExternalClaimsSourcing feature gate#2743

Open
everettraven wants to merge 1 commit intoopenshift:masterfrom
everettraven:feature-gate/external-oidc-external-claims-sourcing
Open

CNTRLPLANE-2522: features: add ExternalOIDCExternalClaimsSourcing feature gate#2743
everettraven wants to merge 1 commit intoopenshift:masterfrom
everettraven:feature-gate/external-oidc-external-claims-sourcing

Conversation

@everettraven
Copy link
Contributor

@everettraven everettraven commented Mar 4, 2026

Adds a feature gate for the work to be done as part of openshift/enhancements#1907

@everettraven
features: add ExternalOIDCExternalClaimsSourcing feature gate
470851c 
Signed-off-by: Bryce Palmer <bpalmer@redhat.com>
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 4, 2026

Pipeline controller notification
This repo is configured to use the pipeline controller. Second-stage tests will be triggered either automatically or after lgtm label is added, depending on the repository configuration. The pipeline controller will automatically detect which contexts are required and will utilize /test Prow commands to trigger the second stage.

For optional jobs, comment /test ? to see a list of all defined jobs. To trigger manually all jobs from second stage use /pipeline required command.

This repository is configured in: LGTM mode

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 4, 2026

Hello @everettraven! Some important instructions when contributing to openshift/api:
API design plays an important part in the user experience of OpenShift and as such API PRs are subject to a high level of scrutiny to ensure they follow our best practices. If you haven't already done so, please review the OpenShift API Conventions and ensure that your proposed changes are compliant. Following these conventions will help expedite the api review process for your PR.

@openshift-ci openshift-ci bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Mar 4, 2026
@coderabbitai
Copy link

coderabbitai bot commented Mar 4, 2026
edited
Loading

📝 Walkthrough

Walkthrough

This pull request introduces a new feature gate called ExternalOIDCExternalClaimsSourcing. The feature gate is declared in the Go source code with configuration specifying Jira reporting, contact information, product scope, and an enhancement PR reference. The feature is enabled for inDevPreviewNoUpgrade status. Documentation is updated to reflect this new gate in the features table. Multiple payload manifest files are updated to configure this gate across different cluster deployment types (Hypershift and SelfManagedHA) and preview tiers, setting it as enabled for DevPreviewNoUpgrade configurations and disabled for Default, OKD, and TechPreviewNoUpgrade configurations.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description check ✅ Passed The description directly relates to the changeset by explaining that a feature gate is being added for work referenced in an enhancement PR, which matches the actual changes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check ✅ Passed The title clearly and specifically describes the main change: adding a new ExternalOIDCExternalClaimsSourcing feature gate, which is the primary purpose of the entire changeset across all modified files.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Comment @coderabbitai help to get the list of available commands and usage tips.

@openshift-ci openshift-ci bot requested review from JoelSpeed and deads2k March 4, 2026 20:53
@qodo-code-review
Copy link

qodo-code-review bot commented Mar 4, 2026

Review Summary by Qodo

Add ExternalOIDCExternalClaimsSourcing feature gate for OIDC claims sourcing

✨ Enhancement

Grey Divider

Walkthroughs

Description 
• Add new ExternalOIDCExternalClaimsSourcing feature gate for authentication
• Configure gate as dev preview with authentication component ownership
• Update all feature gate manifest files across deployment profiles
• Register feature gate in documentation and configuration
Diagram 
flowchart LR
  A["Feature Gate Definition"] -->|"registered in"| B["features.go"]
  B -->|"documented in"| C["features.md"]
  B -->|"deployed via"| D["Manifest Files"]
  D -->|"includes"| E["Hypershift & SelfManagedHA"]
  E -->|"profiles"| F["Default, DevPreview, OKD, TechPreview"]
Loading

Grey Divider

File Changes

1. features/features.go ✨ Enhancement +8/-0

Define ExternalOIDCExternalClaimsSourcing feature gate

features/features.go

2. features.md 📝 Documentation +1/-0

Add feature gate to documentation table

features.md

3. payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml ⚙️ Configuration changes +3/-0

Register feature gate in Hypershift default profile

payload-manifests/featuregates/featureGate-4-10-Hypershift-Default.yaml

View more (7)
4. payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml ⚙️ Configuration changes +3/-0

Register feature gate in Hypershift dev preview profile

payload-manifests/featuregates/featureGate-4-10-Hypershift-DevPreviewNoUpgrade.yaml

5. payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml ⚙️ Configuration changes +3/-0

Register feature gate in Hypershift OKD profile

payload-manifests/featuregates/featureGate-4-10-Hypershift-OKD.yaml

6. payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml ⚙️ Configuration changes +3/-0

Register feature gate in Hypershift tech preview profile

payload-manifests/featuregates/featureGate-4-10-Hypershift-TechPreviewNoUpgrade.yaml

7. payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml ⚙️ Configuration changes +3/-0

Register feature gate in SelfManagedHA default profile

payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-Default.yaml

8. payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml ⚙️ Configuration changes +3/-0

Register feature gate in SelfManagedHA dev preview profile

payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-DevPreviewNoUpgrade.yaml

9. payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml ⚙️ Configuration changes +3/-0

Register feature gate in SelfManagedHA OKD profile

payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-OKD.yaml

10. payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml ⚙️ Configuration changes +3/-0

Register feature gate in SelfManagedHA tech preview profile

payload-manifests/featuregates/featureGate-4-10-SelfManagedHA-TechPreviewNoUpgrade.yaml

Grey Divider

Qodo Logo

@qodo-code-review
Copy link

qodo-code-review bot commented Mar 4, 2026
edited
Loading

Code Review by Qodo

🐞 Bugs (0) 📘 Rule violations (0) 📎 Requirement gaps (0)

Grey Divider

Great, no issues found!

Qodo reviewed your code and found no material issues that require review

Grey Divider

ⓘ The new review experience is currently in Beta. Learn more

Grey Divider

Qodo Logo

@everettraven everettraven changed the title features: add ExternalOIDCExternalClaimsSourcing feature gate CNTRLPLANE-2522: features: add ExternalOIDCExternalClaimsSourcing feature gate Mar 4, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 4, 2026
edited by openshift-ci bot
Loading

@everettraven: This pull request references CNTRLPLANE-2522 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Adds a feature gate for the work to be done as part of openshift/enhancements#1907

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Mar 4, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 4, 2026

@everettraven: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@JoelSpeed
Copy link
Contributor

JoelSpeed commented Mar 5, 2026

/lgtm
/verified by CI

@openshift-ci-robot openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Mar 5, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 5, 2026

@JoelSpeed: This PR has been marked as verified by CI.

Details

In response to this:

/lgtm
/verified by CI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Mar 5, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Mar 5, 2026

Scheduling tests matching the pipeline_run_if_changed or not excluded by pipeline_skip_if_only_changed parameters:
/test e2e-aws-ovn
/test e2e-aws-ovn-hypershift
/test e2e-aws-ovn-hypershift-conformance
/test e2e-aws-ovn-techpreview
/test e2e-aws-serial-1of2
/test e2e-aws-serial-2of2
/test e2e-aws-serial-techpreview-1of2
/test e2e-aws-serial-techpreview-2of2
/test e2e-azure
/test e2e-gcp
/test e2e-upgrade
/test e2e-upgrade-out-of-change
/test minor-e2e-upgrade-minor

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 5, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: JoelSpeed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 5, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@deads2k deads2k Awaiting requested review from deads2k

@JoelSpeed JoelSpeed Awaiting requested review from JoelSpeed

Assignees

@JoelSpeed JoelSpeed

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. verified Signifies that the PR passed pre-merge verification criteria

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@everettraven @openshift-ci-robot @JoelSpeed