Skip to content

Add cpe product name mapping for cert-manager#3056

Open
shruti-rh wants to merge 1 commit into
openshift-eng:mainfrom
shruti-rh:cpe-product-mapping-oape
Open

Add cpe product name mapping for cert-manager#3056
shruti-rh wants to merge 1 commit into
openshift-eng:mainfrom
shruti-rh:cpe-product-mapping-oape

Conversation

@shruti-rh

@shruti-rh shruti-rh commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

rh-pre-commit.version: 2.3.2
rh-pre-commit.check-secrets: ENABLED

Summary by CodeRabbit

  • Chores
    • Updated the product name translation mapping to recognize additional CPE labels.
    • Added support for cert-manager, external-secrets, and zero-trust so they are correctly normalized and handled as supported products.

@coderabbitai

coderabbitai Bot commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Warning

Review limit reached

@shruti-rh, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 56 minutes and 41 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: openshift-eng/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 88f06440-77d0-4aed-871f-a399587ac530

📥 Commits

Reviewing files that changed from the base of the PR and between de8b771 and 207e8ca.

📒 Files selected for processing (1)
  • doozer/doozerlib/backend/rebaser.py

Walkthrough

The PR adds three new entries to the CPE_PRODUCT_NAME_MAPPING dictionary in rebaser.py, mapping the CPE labels cert-manager, external-secrets, and zero-trust to their corresponding product names cert_manager, external_secrets_operator, and zero_trust_workload_identity_manager for consistent product name translation in CPE labeling.

Changes

CPE Product Name Mapping Updates

Layer / File(s) Summary
CPE product name mapping extension
doozer/doozerlib/backend/rebaser.py
CPE_PRODUCT_NAME_MAPPING constant is updated with three new entries: cert-managercert_manager, external-secretsexternal_secrets_operator, and zero-trustzero_trust_workload_identity_manager.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 9 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title only mentions cert-manager, but the change adds mappings for three products: cert-manager, external-secrets, and zero-trust. Update the title to reflect all three CPE product name mappings being added, e.g., 'Add cpe product name mappings for cert-manager, external-secrets, and zero-trust'.
Ai-Attribution ⚠️ Warning PR summary explicitly states "AI-generated summary of changes" but commit lacks required "Assisted-by" or "Generated-by" trailers per Red Hat attribution policy. Add "Assisted-by: " or "Generated-by: " trailer to commit message.
✅ Passed checks (9 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
No-Weak-Crypto ✅ Passed PR adds only dictionary string mappings for CPE product names. No crypto code changes; existing sha256 usage is secure.
Container-Privileges ✅ Passed No container privilege escalation risks found. The PR contains only a Python dictionary update for CPE product mappings and container configuration files that do not enable privileged mode, host na...
No-Sensitive-Data-In-Logs ✅ Passed PR only adds product name mappings (cert_manager, external_secrets_operator, zero_trust_workload_identity_manager) to a constant with no new logging statements that expose sensitive data.
No-Hardcoded-Secrets ✅ Passed The PR adds three product name mappings (cert-manager, external-secrets, zero-trust) to CPE_PRODUCT_NAME_MAPPING dictionary. These are configuration data, not secrets. No API keys, tokens, password...
No-Injection-Vectors ✅ Passed PR adds only static string mappings to CPE_PRODUCT_NAME_MAPPING dictionary with no injection vectors (no SQL concatenation, shell=True, eval/exec, pickle.loads, unsafe yaml.load, os.system, or dang...

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@shruti-rh shruti-rh force-pushed the cpe-product-mapping-oape branch from 174ddd4 to de8b771 Compare June 16, 2026 09:19
@openshift-ci

openshift-ci Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign fgallott for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

rh-pre-commit.version: 2.3.2
rh-pre-commit.check-secrets: ENABLED
@shruti-rh shruti-rh force-pushed the cpe-product-mapping-oape branch from de8b771 to 207e8ca Compare June 16, 2026 09:20
@openshift-ci

openshift-ci Bot commented Jun 16, 2026

Copy link
Copy Markdown
Contributor

@shruti-rh: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 207e8ca link false /test security

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant