Skip to content

Include GitLab as a Catalog Provider when RBAC enabled #599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 5, 2025
Merged

Include GitLab as a Catalog Provider when RBAC enabled #599

merged 1 commit into from
Aug 5, 2025

Conversation

dperaza4dustbit
Copy link
Collaborator

@dperaza4dustbit dperaza4dustbit commented Apr 4, 2025
edited by coderabbitai bot
Loading

Implements RHTAP-4830

Enabling the plugin and the config to enable gitlab catalog provider if gitlab integration is done and RBAC is enabled

Summary by CodeRabbit

  • New Features

    • Added support for selecting and configuring authentication providers (GitHub, GitLab, Microsoft) with improved validation and RBAC logic.
    • Enhanced GitLab integration to allow skipping TLS verification and automatically retrieve the authenticated GitLab username.
    • Introduced new environment variables for GitLab integration, including group and username.
    • Integrated the official GitLab Go API client and supporting libraries, enabling a wide range of GitLab API features.
    • Expanded Kubernetes chart configuration for more flexible authentication and RBAC settings.

  • Bug Fixes

    • Improved error messaging and validation for missing or unsupported authentication provider secrets.
    • Refined RBAC logic to ensure it is only enabled for supported authentication providers.

  • Chores

    • Updated dependencies to include GitLab and HashiCorp libraries.
    • Added new open source licenses and documentation for vendored dependencies.

@openshift-ci openshift-ci bot requested review from jkopriva and xinredhat April 4, 2025 20:19
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Apr 4, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Roming22
Roming22 reviewed Apr 7, 2025
View reviewed changes
Copy link
Member

@Roming22 Roming22 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few minor comments, but looks good. I will hold the merge until after the creation of the 1.5 branch.

@dperaza4dustbit dperaza4dustbit marked this pull request as draft April 7, 2025 15:38
@dperaza4dustbit
Copy link
Collaborator Author

Setting PR to draft as agree in demo call until we take an action on techpreview GitLab plugins

@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch from b4bfce7 to 3fedcb1 Compare July 23, 2025 14:52
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jul 23, 2025
edited
Loading

Walkthrough

This change introduces a major update to the codebase, adding the gitlab.com/gitlab-org/api/client-go Go client library and its dependencies, along with significant enhancements to GitLab integration logic. The update includes new configuration options, expanded Kubernetes secret handling, and extensive vendor additions for GitLab and HashiCorp HTTP client libraries.

Changes

Cohort / File(s) Change Summary
Go Module & Dependencies
go.mod		 Added direct dependency on gitlab.com/gitlab-org/api/[email protected] and indirect dependencies on github.com/hashicorp/go-cleanhttp and github.com/hashicorp/go-retryablehttp.
GitLab Integration Logic
pkg/integrations/gitlab.go		 Added support for insecure TLS, retrieval of current GitLab username via API, and inclusion of username in Kubernetes secret. Updated CLI flags, logger, and internal methods accordingly.
Installer - App Config Template
installer/charts/tssc-dh/templates/app-config-content.yaml		 Changed template logic to validate the presence of required integration secrets, switched from secret-based to explicit auth provider-based conditionals, and refined RBAC enabling logic.
Installer - Extra Env Template
installer/charts/tssc-dh/templates/extra-env.yaml		 Added GITLAB__GROUP and GITLAB__USERNAME environment variables sourced from the GitLab secret data.
Installer - Plugins Content Template
installer/charts/tssc-dh/templates/plugins-content.yaml		 Simplified RBAC plugin inclusion logic to rely solely on the RBAC enabled flag and selected auth provider, removing secret dependency.
Installer - Values Template
installer/charts/values.yaml.tpl		 Introduced required authProvider property, updated RBAC section to set admin users/orgs based on provider, and restructured config for provider selection.
Installer - Main Config
installer/config.yaml		 Added authProvider key to developerHub config and updated RBAC example to enable flag.
Vendor: HashiCorp go-cleanhttp
vendor/github.com/hashicorp/go-cleanhttp/*		 Added new package for creating non-shared HTTP clients/transports, including middleware and documentation.
Vendor: HashiCorp go-retryablehttp
vendor/github.com/hashicorp/go-retryablehttp/*		 Added robust HTTP client with automatic retries, exponential backoff, and extensive configuration, including documentation and release notes.
Vendor: GitLab API Go Client
vendor/gitlab.com/gitlab-org/api/client-go/*		 Added the full-featured GitLab API Go client library, including service interfaces for all major GitLab API endpoints, configuration files, documentation, and CI/CD pipeline definitions.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant GitLabIntegration
    participant GitLabAPI
    participant K8sSecret

    User->>CLI: Run GitLab integration command
    CLI->>GitLabIntegration: Initialize (parse flags, including --insecure)
    GitLabIntegration->>GitLabAPI: getCurrentGitLabUser() (with/without TLS verify)
    GitLabAPI-->>GitLabIntegration: Return username
    GitLabIntegration->>K8sSecret: Store secret with username, group, etc.
    K8sSecret-->>GitLabIntegration: Confirmation
    GitLabIntegration-->>CLI: Success/failure message
    CLI-->>User: Output result
Loading

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~90+ minutes

Suggested reviewers

  • dperaza4dustbit

Poem

🐇
A hop, a leap, dependencies grow,
GitLab's API now in tow!
Secrets checked, providers clear,
RBAC logic shifting gear.
With HashiCorp's HTTP in the mix,
This rabbit's code review queue just ticks—
More features, more fun, more tricks!
🥕

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.2.2)

Error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/product/migration-guide for migration instructions
The command is terminated due to an error: can't load config: unsupported version of the configuration: "" See https://golangci-lint.run/product/migration-guide for migration instructions

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai generate unit tests to generate unit tests for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch 4 times, most recently from a22284d to a9eb1bb Compare July 30, 2025 15:03
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 30, 2025
View reviewed changes
@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch from a9eb1bb to 4f7bca1 Compare July 30, 2025 15:19
@dperaza4dustbit dperaza4dustbit marked this pull request as ready for review July 30, 2025 15:30
@openshift-ci openshift-ci bot requested review from prietyc123 and rhopp July 30, 2025 15:30
coderabbitai[bot]
coderabbitai bot reviewed Jul 30, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 9

♻️ Duplicate comments (1)
pkg/integrations/gitlab.go (1)

28-29: Addition of insecure flag is noted but needs security improvement.

While the insecure flag serves its purpose for PoC/demo environments, the implementation should be enhanced for better security practices even in insecure mode.

Also applies to: 42-43, 61-61

🧹 Nitpick comments (24)
vendor/github.com/hashicorp/go-retryablehttp/.gitignore (1)

1-4: Consider dropping IDE-specific .gitignore from vendor/

Vendored code should be treated as immutable upstream source. Carrying a project-local .gitignore that filters developer IDE artefacts (.idea/, .vscode/, *.iml, *.test) introduces repo-specific noise and diverges from the upstream package. If these patterns are already covered by a top-level .gitignore, you can safely delete this file when re-vendoring.

go.mod (1)

72-75: Vendoring go-cleanhttp / go-retryablehttp both via go mod and manually

The PR vendors these packages under vendor/… and also lists them as indirect in go.mod. Rely on one mechanism (go mod vendor) to avoid drift when upstream versions change.

vendor/gitlab.com/gitlab-org/api/client-go/buf.yaml (1)

6-7: Remote Buf dependency may break hermetic builds

buf.yaml fetches protovalidate from buf.build. Offline or air-gapped environments running go mod vendor will still hit the network when Buf is invoked. If the CLI build doesn’t use Buf, consider dropping the file; otherwise, document the external fetch in build instructions.

vendor/github.com/hashicorp/go-retryablehttp/Makefile (1)

1-11: Add missing standard phony targets

checkmake warns about missing all / clean targets. While this is vendored code, adding the conventional aliases keeps linters quiet and aligns with project Makefiles.

 default: test
+all: test

@@
 .PHONY: default test updatedeps
+.PHONY: all clean
+
+clean:
+	go clean -testcache

Optional but quick to address.

vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go (1)

11-13: Use errors.As to future-proof certificate error detection

Direct type assertion fails when the error is wrapped (e.g. %w) or returned as a pointer. A resilient check is:

-import "crypto/x509"
+import (
+	"crypto/x509"
+	"errors"
+)

-func isCertError(err error) bool {
-	_, ok := err.(x509.UnknownAuthorityError)
-	return ok
+func isCertError(err error) bool {
+	var uaErr *x509.UnknownAuthorityError
+	return errors.As(err, &uaErr)
 }
vendor/github.com/hashicorp/go-cleanhttp/doc.go (1)

5-5: Typo in vendor documentation.

There's a typo on line 5: "esepcially" should be "especially". Since this is vendored code, consider reporting this upstream to HashiCorp.

vendor/gitlab.com/gitlab-org/api/client-go/context.go (1)

19-28: Potential panic risk with unsafe type assertion.

The function uses an unsafe type assertion on Line 27 that could panic if the context value is not of type retryablehttp.CheckRetry. While this is vendor code and likely well-tested, the pattern is risky.

Consider using a safe type assertion pattern:

 func checkRetryFromContext(ctx context.Context) retryablehttp.CheckRetry {
 	val := ctx.Value(checkRetryKey)
 
 	// There is no checkRetry in context
 	if val == nil {
 		return nil
 	}
 
-	return val.(retryablehttp.CheckRetry)
+	if checkRetry, ok := val.(retryablehttp.CheckRetry); ok {
+		return checkRetry
+	}
+	return nil
 }
vendor/github.com/hashicorp/go-cleanhttp/handlers.go (1)

46-47: Remove unreachable return statement.

The return statement on Line 46 is unreachable because all code paths in the function either return early or call next.ServeHTTP().

 		if next != nil {
 			next.ServeHTTP(w, r)
 		}
 	}
-
-	return
 })
vendor/gitlab.com/gitlab-org/api/client-go/Makefile (2)

9-9: Add missing .PHONY declaration for reviewable target.

The static analysis correctly identifies that the reviewable target should be declared as .PHONY to follow Makefile best practices.

+.PHONY: reviewable
 reviewable: setup generate fmt lint test ## Run before committing.

38-39: Add missing .PHONY declaration for test target.

Following Makefile conventions, the test target should be declared as .PHONY since it doesn't create a file named "test".

+.PHONY: test
 test: ## Run tests
 	go test ./... -race
vendor/gitlab.com/gitlab-org/api/client-go/README.md (1)

56-93: Consider fixing code formatting in examples.

The static analysis tools flagged hard tabs in the code examples. Consider replacing tabs with spaces for consistent formatting across different viewing environments.

 func main() {
-	git, err := gitlab.NewClient("yourtokengoeshere")
-	if err != nil {
-		log.Fatalf("Failed to create client: %v", err)
-	}
+    git, err := gitlab.NewClient("yourtokengoeshere")
+    if err != nil {
+        log.Fatalf("Failed to create client: %v", err)
+    }
vendor/gitlab.com/gitlab-org/api/client-go/dockerfile_templates.go (1)

69-82: Consider improving variable naming for clarity.

The logic is correct, but consider renaming the variable gs to something more descriptive like templates for better readability.

-	var gs []*DockerfileTemplateListItem
-	resp, err := s.client.Do(req, &gs)
+	var templates []*DockerfileTemplateListItem
+	resp, err := s.client.Do(req, &templates)
 	if err != nil {
 		return nil, resp, err
 	}
 
-	return gs, resp, nil
+	return templates, resp, nil
vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go (1)

147-151: Fix comment to be more specific to group access.

The comment mentions "group or project" but this method is specifically for requesting group access.

-// RequestGroupAccess requests access for the authenticated user
-// to a group or project.
+// RequestGroupAccess requests access for the authenticated user
+// to a group.
vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go (1)

1-182: No usages of EpicIssuesService found – please verify before migrating

I ran searches for EpicIssuesService and its methods (ListEpicIssues, AssignEpicIssue, RemoveEpicIssue, UpdateEpicIssueAssignment) in non-vendor code but found no references. Before proceeding with deprecation cleanup or migration planning, please manually confirm that:

  • There are no calls like client.EpicIssues.ListEpicIssues(...) or similar in your application code.
  • No helper utilities wrap or relay epic‐issue API operations.

If you confirm there are truly no usages, you can safely note this vendored API as deprecated without further immediate action. Otherwise, plan your migration to the Work Items API and report any fixes upstream.

vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go (2)

1-2: Missing copyright header in vendor file

This vendor file is missing the Apache 2.0 license header that's present in other files from the same library. This inconsistency should be reported upstream to gitlab.com/gitlab-org/api/client-go.

129-135: Note: Potential memory concern with buffering entire SBOM

The implementation buffers the entire SBOM response in memory, which could be problematic for large dependency lists. Since this is vendor code, consider this limitation when using the API for projects with extensive dependencies.

vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go (1)

1-14: Minor: Copyright attribution missing in vendor file header

The license header is missing the copyright attribution line (e.g., "Copyright 2021, Sander van Harmelen") that's present in other files from this library. This should be reported upstream for consistency.

vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go (2)

307-307: Typo in vendor file field name.

Line 307 contains a typo: GrupWikiRepositoriesVerificationTotalCount should be GroupWikiRepositoriesVerificationTotalCount (missing 'o' in "Group"). Since this is a vendor file, this should be reported and fixed upstream in the gitlab.com/gitlab-org/api/client-go repository.

1-14: Missing copyright header in vendor file.

Unlike the other vendor files, this file is missing the copyright notice (only has the license header). This inconsistency should be reported upstream.

vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go (1)

146-147: Fix incorrect comment reference.

The comment refers to "CreateBroadcastMessage()" but should refer to "UpdateBroadcastMessage()" since this is for the UpdateBroadcastMessageOptions struct.

-// UpdateBroadcastMessageOptions represents the available CreateBroadcastMessage()
+// UpdateBroadcastMessageOptions represents the available UpdateBroadcastMessage()
vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go (1)

192-194: Documentation comment refers to hooks instead of freeze periods.

The comment mentions "Either the hook is available or not" but this method is for deleting freeze periods, not hooks. This appears to be copied from another service's documentation.

vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go (2)

163-163: Incorrect documentation URL for UpdateDraftNoteOptions.

The GitLab API docs URL points to "create-a-draft-note" but this is for the update options struct. It should likely point to an update-specific endpoint documentation.

171-171: Incorrect documentation URL for UpdateDraftNote method.

The GitLab API docs URL points to "create-a-draft-note" but this is for the update method. It should point to update-specific documentation.

vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go (1)

66-66: Incorrect method name in documentation comment.

The comment says "UploadMetricImageOptions uploads..." but should say "UploadMetricImage uploads..." since this is the method documentation, not the options struct documentation.

vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go
Comment on lines +11 to +13
func isCertError(err error) bool {
_, ok := err.(*tls.CertificateVerificationError)
return ok
Copy link

@coderabbitai coderabbitai bot Jul 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Use errors.As so wrapped TLS errors are detected

A plain type assertion only matches the top-level error. The Go HTTP stack frequently wraps TLS errors (fmt.Errorf, net/http, etc.), so the current implementation will miss those and break retry logic.

-import "crypto/tls"
+import (
+	"crypto/tls"
+	"errors"
+)

-func isCertError(err error) bool {
-	_, ok := err.(*tls.CertificateVerificationError)
-	return ok
+func isCertError(err error) bool {
+	var certErr *tls.CertificateVerificationError
+	return errors.As(err, &certErr)
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
func isCertError(err error) bool {
_, ok := err.(*tls.CertificateVerificationError)
return ok
import (
"crypto/tls"
"errors"
)
func isCertError(err error) bool {
var certErr *tls.CertificateVerificationError
return errors.As(err, &certErr)
}
🤖 Prompt for AI Agents 
In vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go at lines 11
to 13, the function isCertError uses a direct type assertion to check for
*tls.CertificateVerificationError, which fails to detect wrapped errors. Replace
the type assertion with errors.As to correctly identify the error even if it is
wrapped, ensuring the retry logic works as intended.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we will not change vendor file directly

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dperaza4dustbit You're absolutely right! Vendor files should never be modified directly. This is a fundamental best practice in Go development for several important reasons:

  1. Changes get lost: Any modifications would be overwritten when dependencies are updated via go mod tidy or go get
  2. Breaks reproducible builds: Other developers or CI/CD systems wouldn't have the same modifications
  3. Creates maintenance burden: Custom patches in vendor code are difficult to track and maintain
  4. Violates Go module principles: The vendor directory is meant to contain unmodified third-party code

If there were a genuine issue with this error handling logic, the proper approaches would be:

  • Update to a newer version of the dependency that has the fix
  • Report the issue to the upstream maintainers
  • Work around the limitation in your application code
  • Fork the dependency if absolutely necessary (though this should be a last resort)

Thank you for maintaining good Go development practices!

✏️ Learnings added 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go:11-13
Timestamp: 2025-07-30T19:30:03.649Z
Learning: Vendor files in Go projects should never be modified directly. The vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
}

ets := new(ErrorTrackingSettings)
resp, err := s.client.Do(req, &ets)
Copy link

@coderabbitai coderabbitai bot Jul 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Critical bug: incorrect pointer usage in response handling.

Line 128 passes &ets to s.client.Do(), but ets is already a pointer (ets := new(ErrorTrackingSettings)). This creates a pointer to a pointer, which will likely cause JSON unmarshaling to fail.

This should be:

-	resp, err := s.client.Do(req, &ets)
+	resp, err := s.client.Do(req, ets)

This pattern is used correctly in other methods in the same file (lines 92, 184).

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
resp, err := s.client.Do(req, &ets)
resp, err := s.client.Do(req, ets)
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go at line 128, the
code incorrectly passes &ets to s.client.Do(), but ets is already a pointer
created by new(ErrorTrackingSettings). To fix this, remove the address-of
operator and pass ets directly to s.client.Do() to avoid passing a pointer to a
pointer and ensure proper JSON unmarshaling.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we will not change vendor file directly

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dperaza4dustbit You're absolutely right. Vendor files should not be modified directly as those changes would be lost during dependency updates and it goes against best practices for dependency management.

If this bug needs to be addressed, the proper approach would be to:

  1. Report the issue to the upstream GitLab API client-go project at https://gitlab.com/gitlab-org/api/client-go
  2. Wait for a fix in a future release
  3. Update the dependency when the fix is available

For now, you can continue with the current vendor code as-is since it's a third-party dependency.

ʕ•ᴥ•ʔ

✏️ Learnings added 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go:128-128
Timestamp: 2025-07-30T19:30:19.421Z
Learning: The user prefers not to modify vendor files directly, following best practices for dependency management. Issues in vendor dependencies should be reported upstream rather than fixed locally.

Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.

vendor/gitlab.com/gitlab-org/api/client-go/graphql.go
Comment on lines +79 to +101
func (g *GraphQL) Do(query GraphQLQuery, response any, options ...RequestOptionFunc) (*Response, error) {
request, err := g.client.NewRequest(http.MethodPost, "", query, options)
if err != nil {
return nil, fmt.Errorf("failed to create GraphQL request: %w", err)
}
// Overwrite the path of the existing request, as otherwise client-go appends /api/v4 instead.
request.URL.Path = GraphQLAPIEndpoint
resp, err := g.client.Do(request, response)
if err != nil {
// return error, details can be read from Response
if errResp, ok := err.(*ErrorResponse); ok { //nolint: errorlint
var v GenericGraphQLErrors
if json.Unmarshal(errResp.Body, &v) == nil {
return resp, &GraphQLResponseError{
Err: err,
Errors: v,
}
}
}
return resp, fmt.Errorf("failed to execute GraphQL query: %w", err)
}
return resp, nil
}
Copy link

@coderabbitai coderabbitai bot Jul 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Improve error handling and consider URL path override approach.

Two areas for improvement:

  1. Unsafe type assertion (Line 89): The //nolint: errorlint comment bypasses linting for a reason - the type assertion could panic if the error type changes.

  2. URL path override (Line 85): Manually overwriting the request URL path is fragile and could break if the client's URL construction logic changes.

Consider this safer approach for the type assertion:

-		if errResp, ok := err.(*ErrorResponse); ok { //nolint: errorlint
+		var errResp *ErrorResponse
+		if errors.As(err, &errResp) {

For the URL override, consider adding a dedicated GraphQL endpoint method to the client or documenting this as a known limitation.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
func (g *GraphQL) Do(query GraphQLQuery, response any, options ...RequestOptionFunc) (*Response, error) {
request, err := g.client.NewRequest(http.MethodPost, "", query, options)
if err != nil {
return nil, fmt.Errorf("failed to create GraphQL request: %w", err)
}
// Overwrite the path of the existing request, as otherwise client-go appends /api/v4 instead.
request.URL.Path = GraphQLAPIEndpoint
resp, err := g.client.Do(request, response)
if err != nil {
// return error, details can be read from Response
if errResp, ok := err.(*ErrorResponse); ok { //nolint: errorlint
var v GenericGraphQLErrors
if json.Unmarshal(errResp.Body, &v) == nil {
return resp, &GraphQLResponseError{
Err: err,
Errors: v,
}
}
}
return resp, fmt.Errorf("failed to execute GraphQL query: %w", err)
}
return resp, nil
}
func (g *GraphQL) Do(query GraphQLQuery, response any, options ...RequestOptionFunc) (*Response, error) {
request, err := g.client.NewRequest(http.MethodPost, "", query, options)
if err != nil {
return nil, fmt.Errorf("failed to create GraphQL request: %w", err)
}
// Overwrite the path of the existing request, as otherwise client-go appends /api/v4 instead.
request.URL.Path = GraphQLAPIEndpoint
resp, err := g.client.Do(request, response)
if err != nil {
// return error, details can be read from Response
var errResp *ErrorResponse
if errors.As(err, &errResp) {
var v GenericGraphQLErrors
if json.Unmarshal(errResp.Body, &v) == nil {
return resp, &GraphQLResponseError{
Err: err,
Errors: v,
}
}
}
return resp, fmt.Errorf("failed to execute GraphQL query: %w", err)
}
return resp, nil
}
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/graphql.go around lines 79 to 101,
replace the unsafe type assertion of the error with a safer type check using
errors.As to avoid potential panics if the error type changes. For the URL path
override at line 85, avoid manually setting request.URL.Path; instead, refactor
the client to support specifying the GraphQL endpoint explicitly or document
this workaround clearly as a known limitation to prevent future breakage from
client URL construction changes.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we will not change vendor file directly

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dperaza4dustbit You're absolutely correct! Vendor files should never be modified directly. As noted in the retrieved learning, the vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

If there are concerns about the code quality in the vendor dependencies, the proper approach would be to:

  1. Report issues upstream to the dependency maintainers
  2. Consider using a different version of the dependency if available
  3. Fork the dependency if absolutely necessary and update the go.mod to point to the fork

Thank you for the reminder about proper Go dependency management practices!

🐰
╭─╮
( ◕ ◡ ◕ )
╰─╯

🧠 Learnings used 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go:11-13
Timestamp: 2025-07-30T19:30:03.684Z
Learning: Vendor files in Go projects should never be modified directly. The vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
ListOptions
WithCounts *bool `url:"with_counts,omitempty" json:"with_counts,omitempty"`
IncludeAncestorGroups *bool `url:"include_ancestor_groups,omitempty" json:"include_ancestor_groups,omitempty"`
IncludeDescendantGrouops *bool `url:"include_descendant_groups,omitempty" json:"include_descendant_groups,omitempty"`
Copy link

@coderabbitai coderabbitai bot Jul 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix typo in struct field name.

There's a typo in the field name IncludeDescendantGrouops - it should be IncludeDescendantGroups.

-	IncludeDescendantGrouops *bool   `url:"include_descendant_groups,omitempty" json:"include_descendant_groups,omitempty"`
+	IncludeDescendantGroups  *bool   `url:"include_descendant_groups,omitempty" json:"include_descendant_groups,omitempty"`
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go at line 62, fix
the typo in the struct field name by renaming `IncludeDescendantGrouops` to
`IncludeDescendantGroups` to correct the spelling.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we will not change vendor file directly

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dperaza4dustbit You're absolutely right! Modifying vendor files directly goes against Go dependency management best practices. The vendor directory should remain untouched to ensure reproducible builds and prevent changes from being lost during dependency updates.

Since this typo exists in the upstream gitlab.com/gitlab-org/api/client-go library, the proper approach would be to report it to the GitLab API client maintainers at their repository. They can fix the typo in IncludeDescendantGrouopsIncludeDescendantGroups in a future release.

Thanks for maintaining good dependency management practices!

  (\   /)
 ( ._.)
o_(")(")  *following best practices*
🧠 Learnings used 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go:128-128
Timestamp: 2025-07-30T19:30:19.421Z
Learning: The user prefers not to modify vendor files directly, following best practices for dependency management. Issues in vendor dependencies should be reported upstream rather than fixed locally.

Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go:11-13
Timestamp: 2025-07-30T19:30:03.684Z
Learning: Vendor files in Go projects should never be modified directly. The vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

Roming22
Roming22 reviewed Jul 30, 2025
View reviewed changes
@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch from 4f7bca1 to 0a44e90 Compare July 30, 2025 19:23
coderabbitai[bot]
coderabbitai bot reviewed Jul 30, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

♻️ Duplicate comments (2)
vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go (1)

192-192: Fix incorrect URL tag for ID field.

The URL and JSON tags should be "id,omitempty" to match the field name.

-	ID                               *int      `url:"primary,omitempty" json:"primary,omitempty"`
+	ID                               *int      `url:"id,omitempty" json:"id,omitempty"`
vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go (1)

62-62: Typo in struct field name needs upstream fix.

The field name IncludeDescendantGrouops contains a typo and should be IncludeDescendantGroups. Since this is a vendor file, this issue should be reported to the upstream GitLab API client repository rather than modified locally.

🧹 Nitpick comments (9)
vendor/github.com/hashicorp/go-cleanhttp/README.md (1)

16-19: Tone nitpick – drop the subjective intensifier

The wording “it can be very easy to encounter strange problems” uses the subjective intensifier “very”. Dropping it keeps the README concise and neutral in tone.

- assume that they are free to modify it at will. With enough dependencies, it
- can be very easy to encounter strange problems and race conditions due to
+ assume they are free to modify it at will. With enough dependencies, it
+ can be easy to encounter strange problems and race conditions due to
vendor/gitlab.com/gitlab-org/api/client-go/Makefile (2)

9-19: Declare reviewable, fmt, and lint as phony & provide an all alias

checkmake flags are valid – reviewable, fmt, and lint run no tangible output files and should be declared phony.
Additionally, most Go repos expose an all (or default) target that aliases the usual lint/test pipeline so external CI can rely on make with no args.

 .PHONY: all reviewable fmt lint setup generate clean test
+
+all: reviewable
+
+reviewable: ## Run before committing.
 	# …

24-30: Generation targets reference tooling absent from the vendored tree

buf, gofumpt, and the three scripts/generate_*.sh helpers are development artefacts; once code is vendored they are no longer needed and silently increase surface area that downstream builds might stumble into.

Unless your top-level build actually executes these paths, consider dropping the entire generate target (or pruning the shell scripts) to keep the vendor tree immutable.

vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md (1)

26-30: Minor wording nit – “take a look” reads more naturally than “have a look” in US-English

- Have a look at the
+ Take a look at the

Pure documentation polish, ignore if you deliberately use British English in docs.

vendor/github.com/hashicorp/go-retryablehttp/Makefile (1)

1-12: Align with checkmake: add missing all & clean targets

The vendored Makefile is minimal; adding two no-op aliases satisfies common tooling without behaviour change.

 default: test
+all: test

 test:
 	go vet ./...
 	go test -v -race ./... -coverprofile=coverage.out

 updatedeps:
 	go get -f -t -u ./...
 	go get -f -u ./...

-.PHONY: default test updatedeps
+.PHONY: all default test updatedeps clean
+
+clean:
+	@echo "Nothing to clean for vendored package"
vendor/gitlab.com/gitlab-org/api/client-go/environments.go (1)

192-192: Remove extra period in comment.

-// EditEnvironment updates a project team environment to a specified access level..
+// EditEnvironment updates a project team environment to a specified access level.
vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go (1)

123-124: Fix incorrect method reference in comment.

The comment references "CreateVariable()" but should reference "CreateGroupAccessToken()".

-// CreateGroupAccessTokenOptions represents the available CreateVariable()
-// options.
+// CreateGroupAccessTokenOptions represents the available CreateGroupAccessToken()
+// options.
vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go (2)

205-205: Fix incorrect documentation for Create methods

The comments incorrectly state "get an award emoji" but these methods create award emojis.

Also applies to: 213-213, 221-221

399-399: Fix incorrect documentation for Create methods on notes

The comments incorrectly state "gets an award emoji on a note" but these methods create award emojis.

Also applies to: 407-407, 416-416

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4f7bca1 and 0a44e90.

⛔ Files ignored due to path filters (2)
  • go.sum is excluded by !**/*.sum
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.lock is excluded by !**/*.lock
📒 Files selected for processing (99)
  • go.mod (2 hunks)
  • installer/charts/tssc-dh/templates/app-config-content.yaml (7 hunks)
  • installer/charts/tssc-dh/templates/extra-env.yaml (1 hunks)
  • installer/charts/tssc-dh/templates/plugins-content.yaml (1 hunks)
  • installer/charts/values.yaml.tpl (1 hunks)
  • installer/config.yaml (1 hunks)
  • pkg/integrations/gitlab.go (7 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/LICENSE (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/README.md (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/cleanhttp.go (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/doc.go (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/handlers.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.gitignore (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.go-version (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.golangci.yml (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/CODEOWNERS (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/LICENSE (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/Makefile (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/README.md (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/client.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitignore (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/LICENSE (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/Makefile (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/README.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/appearance.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/applications.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/avatar.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/branches.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.gen.yaml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.yaml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/bulk_imports.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/client_options.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/commits.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/context.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/discussions.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dockerfile_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/environments.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/epics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/events.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/gitignore_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/graphql.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go (1 hunks)
✅ Files skipped from review due to trivial changes (26)
  • vendor/github.com/hashicorp/go-retryablehttp/.golangci.yml
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go
  • vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile
  • vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs
  • installer/config.yaml
  • vendor/github.com/hashicorp/go-retryablehttp/LICENSE
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go
  • vendor/gitlab.com/gitlab-org/api/client-go/LICENSE
  • vendor/github.com/hashicorp/go-cleanhttp/doc.go
  • vendor/gitlab.com/gitlab-org/api/client-go/context.go
  • vendor/github.com/hashicorp/go-cleanhttp/handlers.go
  • vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml
  • vendor/gitlab.com/gitlab-org/api/client-go/avatar.go
  • vendor/github.com/hashicorp/go-cleanhttp/LICENSE
  • vendor/gitlab.com/gitlab-org/api/client-go/graphql.go
  • vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go
  • vendor/gitlab.com/gitlab-org/api/client-go/gitignore_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dockerfile_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go
  • vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go
  • vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go
🚧 Files skipped from review as they are similar to previous changes (44)
  • vendor/github.com/hashicorp/go-retryablehttp/.gitignore
  • vendor/github.com/hashicorp/go-retryablehttp/.go-version
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitignore
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.gen.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions
  • go.mod
  • vendor/github.com/hashicorp/go-retryablehttp/CODEOWNERS
  • installer/charts/tssc-dh/templates/plugins-content.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go
  • vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go
  • installer/charts/values.yaml.tpl
  • installer/charts/tssc-dh/templates/extra-env.yaml
  • vendor/github.com/hashicorp/go-cleanhttp/cleanhttp.go
  • vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md
  • pkg/integrations/gitlab.go
  • vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go
  • vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go
  • vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go
  • vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go
  • vendor/gitlab.com/gitlab-org/api/client-go/bulk_imports.go
  • vendor/gitlab.com/gitlab-org/api/client-go/boards.go
  • vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go
  • vendor/gitlab.com/gitlab-org/api/client-go/branches.go
  • vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
  • vendor/gitlab.com/gitlab-org/api/client-go/client_options.go
  • vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go
  • vendor/gitlab.com/gitlab-org/api/client-go/events.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml
  • vendor/github.com/hashicorp/go-retryablehttp/client.go
  • vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go
🧰 Additional context used
🧠 Learnings (1)
installer/charts/tssc-dh/templates/app-config-content.yaml (1)

Learnt from: dperaza4dustbit
PR: #599
File: installer/charts/values.yaml.tpl:239-242
Timestamp: 2025-07-30T19:13:34.841Z
Learning: GitLab RBAC configuration uses single group concept and only requires adminUsers field, unlike GitHub which supports multiple orgs. The RBAC configuration in installer/charts/values.yaml.tpl should be platform-specific rather than forcing consistency between GitHub and GitLab.

🪛 LanguageTool
vendor/github.com/hashicorp/go-cleanhttp/README.md

[style] ~18-~18: As an alternative to the over-used intensifier ‘very’, consider replacing this phrase.
Context: ...ll. With enough dependencies, it can be very easy to encounter strange problems and race ...

(EN_WEAK_ADJECTIVE)

vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md

[style] ~29-~29: Consider using a different verb for a more formal wording.
Context: ....4 (Jun 6, 2023) BUG FIXES: - client: fixing an issue where the Content-Type header ...

(FIX_RESOLVE)

vendor/github.com/hashicorp/go-retryablehttp/README.md

[style] ~13-~13: As an alternative to the over-used intensifier ‘very’, consider replacing this phrase.
Context: ... public API. This makes retryablehttp very easy to drop into existing programs. `retry...

(EN_WEAK_ADJECTIVE)

[style] ~28-~28: ‘prior to’ might be wordy. Consider a shorter alternative.
Context: ...0.6.0 and before are compatible with Go prior to 1.12. From 0.6.1 onward, Go 1.12+ is re...

(EN_WORDINESS_PREMIUM_PRIOR_TO)

vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md

[locale-violation] ~26-~26: In American English, “take a look” is more commonly used.
Context: ...ab.com/gitlab-community/api/client-go). Have a look at the [community fork README](https://...

(HAVE_A_LOOK)

vendor/gitlab.com/gitlab-org/api/client-go/README.md

[style] ~178-~178: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...ng ``` An application with client-go is able to effortlessly create a new client using ...

(BE_ABLE_TO)

[locale-violation] ~284-~284: In American English, “take a look” is more commonly used.
Context: ...itlab.ClusterAgentsInterface. You can have a look at [testing/client.go`](/testing.clien...

(HAVE_A_LOOK)

[style] ~304-~304: This phrase is redundant. Consider using “outside”.
Context: ...packaged as a part of GitLab, and falls outside of the scope of support. For more informa...

(OUTSIDE_OF)

🪛 checkmake (0.2.2)
vendor/github.com/hashicorp/go-retryablehttp/Makefile

[warning] 11-11: Missing required phony target "all"

(minphony)

[warning] 11-11: Missing required phony target "clean"

(minphony)

vendor/gitlab.com/gitlab-org/api/client-go/Makefile

[warning] 31-31: Missing required phony target "all"

(minphony)

[warning] 31-31: Missing required phony target "test"

(minphony)

[warning] 9-9: Target "reviewable" should be declared PHONY.

(phonydeclared)

🪛 markdownlint-cli2 (0.17.2)
vendor/gitlab.com/gitlab-org/api/client-go/README.md

57-57: Hard tabs
Column: 1

(MD010, no-hard-tabs)

59-59: Hard tabs
Column: 1

(MD010, no-hard-tabs)

63-63: Hard tabs
Column: 1

(MD010, no-hard-tabs)

64-64: Hard tabs
Column: 1

(MD010, no-hard-tabs)

65-65: Hard tabs
Column: 1

(MD010, no-hard-tabs)

66-66: Hard tabs
Column: 1

(MD010, no-hard-tabs)

68-68: Hard tabs
Column: 1

(MD010, no-hard-tabs)

69-69: Hard tabs
Column: 1

(MD010, no-hard-tabs)

70-70: Hard tabs
Column: 1

(MD010, no-hard-tabs)

71-71: Hard tabs
Column: 1

(MD010, no-hard-tabs)

72-72: Hard tabs
Column: 1

(MD010, no-hard-tabs)

73-73: Hard tabs
Column: 1

(MD010, no-hard-tabs)

74-74: Hard tabs
Column: 1

(MD010, no-hard-tabs)

75-75: Hard tabs
Column: 1

(MD010, no-hard-tabs)

76-76: Hard tabs
Column: 1

(MD010, no-hard-tabs)

77-77: Hard tabs
Column: 1

(MD010, no-hard-tabs)

78-78: Hard tabs
Column: 1

(MD010, no-hard-tabs)

79-79: Hard tabs
Column: 1

(MD010, no-hard-tabs)

81-81: Hard tabs
Column: 1

(MD010, no-hard-tabs)

82-82: Hard tabs
Column: 1

(MD010, no-hard-tabs)

83-83: Hard tabs
Column: 1

(MD010, no-hard-tabs)

84-84: Hard tabs
Column: 1

(MD010, no-hard-tabs)

85-85: Hard tabs
Column: 1

(MD010, no-hard-tabs)

86-86: Hard tabs
Column: 1

(MD010, no-hard-tabs)

87-87: Hard tabs
Column: 1

(MD010, no-hard-tabs)

88-88: Hard tabs
Column: 1

(MD010, no-hard-tabs)

89-89: Hard tabs
Column: 1

(MD010, no-hard-tabs)

90-90: Hard tabs
Column: 1

(MD010, no-hard-tabs)

91-91: Hard tabs
Column: 1

(MD010, no-hard-tabs)

103-103: Hard tabs
Column: 1

(MD010, no-hard-tabs)

104-104: Hard tabs
Column: 1

(MD010, no-hard-tabs)

105-105: Hard tabs
Column: 1

(MD010, no-hard-tabs)

107-107: Hard tabs
Column: 1

(MD010, no-hard-tabs)

108-108: Hard tabs
Column: 1

(MD010, no-hard-tabs)

112-112: Hard tabs
Column: 1

(MD010, no-hard-tabs)

113-113: Hard tabs
Column: 1

(MD010, no-hard-tabs)

114-114: Hard tabs
Column: 1

(MD010, no-hard-tabs)

115-115: Hard tabs
Column: 1

(MD010, no-hard-tabs)

116-116: Hard tabs
Column: 1

(MD010, no-hard-tabs)

117-117: Hard tabs
Column: 1

(MD010, no-hard-tabs)

119-119: Hard tabs
Column: 1

(MD010, no-hard-tabs)

120-120: Hard tabs
Column: 1

(MD010, no-hard-tabs)

121-121: Hard tabs
Column: 1

(MD010, no-hard-tabs)

123-123: Hard tabs
Column: 1

(MD010, no-hard-tabs)

124-124: Hard tabs
Column: 1

(MD010, no-hard-tabs)

125-125: Hard tabs
Column: 1

(MD010, no-hard-tabs)

126-126: Hard tabs
Column: 1

(MD010, no-hard-tabs)

128-128: Hard tabs
Column: 1

(MD010, no-hard-tabs)

129-129: Hard tabs
Column: 1

(MD010, no-hard-tabs)

130-130: Hard tabs
Column: 1

(MD010, no-hard-tabs)

131-131: Hard tabs
Column: 1

(MD010, no-hard-tabs)

133-133: Hard tabs
Column: 1

(MD010, no-hard-tabs)

134-134: Hard tabs
Column: 1

(MD010, no-hard-tabs)

135-135: Hard tabs
Column: 1

(MD010, no-hard-tabs)

136-136: Hard tabs
Column: 1

(MD010, no-hard-tabs)

138-138: Hard tabs
Column: 1

(MD010, no-hard-tabs)

184-184: Hard tabs
Column: 1

(MD010, no-hard-tabs)

185-185: Hard tabs
Column: 1

(MD010, no-hard-tabs)

187-187: Hard tabs
Column: 1

(MD010, no-hard-tabs)

188-188: Hard tabs
Column: 1

(MD010, no-hard-tabs)

192-192: Hard tabs
Column: 1

(MD010, no-hard-tabs)

193-193: Hard tabs
Column: 1

(MD010, no-hard-tabs)

194-194: Hard tabs
Column: 1

(MD010, no-hard-tabs)

195-195: Hard tabs
Column: 1

(MD010, no-hard-tabs)

196-196: Hard tabs
Column: 1

(MD010, no-hard-tabs)

197-197: Hard tabs
Column: 1

(MD010, no-hard-tabs)

198-198: Hard tabs
Column: 1

(MD010, no-hard-tabs)

199-199: Hard tabs
Column: 1

(MD010, no-hard-tabs)

200-200: Hard tabs
Column: 1

(MD010, no-hard-tabs)

201-201: Hard tabs
Column: 1

(MD010, no-hard-tabs)

202-202: Hard tabs
Column: 1

(MD010, no-hard-tabs)

203-203: Hard tabs
Column: 1

(MD010, no-hard-tabs)

204-204: Hard tabs
Column: 1

(MD010, no-hard-tabs)

205-205: Hard tabs
Column: 1

(MD010, no-hard-tabs)

207-207: Hard tabs
Column: 1

(MD010, no-hard-tabs)

208-208: Hard tabs
Column: 1

(MD010, no-hard-tabs)

209-209: Hard tabs
Column: 1

(MD010, no-hard-tabs)

210-210: Hard tabs
Column: 1

(MD010, no-hard-tabs)

211-211: Hard tabs
Column: 1

(MD010, no-hard-tabs)

213-213: Hard tabs
Column: 1

(MD010, no-hard-tabs)

214-214: Hard tabs
Column: 1

(MD010, no-hard-tabs)

215-215: Hard tabs
Column: 1

(MD010, no-hard-tabs)

216-216: Hard tabs
Column: 1

(MD010, no-hard-tabs)

218-218: Hard tabs
Column: 1

(MD010, no-hard-tabs)

219-219: Hard tabs
Column: 1

(MD010, no-hard-tabs)

220-220: Hard tabs
Column: 1

(MD010, no-hard-tabs)

221-221: Hard tabs
Column: 1

(MD010, no-hard-tabs)

222-222: Hard tabs
Column: 1

(MD010, no-hard-tabs)

224-224: Hard tabs
Column: 1

(MD010, no-hard-tabs)

274-274: Hard tabs
Column: 1

(MD010, no-hard-tabs)

275-275: Hard tabs
Column: 1

(MD010, no-hard-tabs)

276-276: Hard tabs
Column: 1

(MD010, no-hard-tabs)

278-278: Hard tabs
Column: 1

(MD010, no-hard-tabs)

294-294: Bare URL used

(MD034, no-bare-urls)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Red Hat Konflux / rhtap-cli-on-pull-request
🔇 Additional comments (26)
vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go (6)

1-21: LGTM!

Standard Apache 2.0 license header and appropriate imports for the GitLab API client functionality.

23-41: LGTM!

Well-designed interface with consistent method signatures. The use of any for project ID appropriately handles both numeric and string identifiers, and the interface compliance check ensures type safety.

43-54: LGTM!

Well-structured data model with appropriate field types and tags. The use of pointer types for timestamps correctly handles potential null values from the API.

56-90: LGTM!

List operation follows established GitLab client patterns with proper pagination support, error handling, and consistent URL construction.

92-185: LGTM!

Create, Get, and Update operations follow consistent patterns with appropriate HTTP methods, proper error handling, and clear option structures. The separation of Create and Update option structs provides good API clarity.

187-204: LGTM!

Delete operation correctly implements the expected behavior with appropriate HTTP method and return signature. Follows the established pattern consistently.

vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md (1)

1-34: Vendor changelog – nothing to review

Markdown doc only; no functional code introduced. Ensure license compliance and correct version pin, but otherwise no action required.

vendor/github.com/hashicorp/go-retryablehttp/README.md (1)

10-18: Documentation only – ignore style hints

LanguageTool flags “very easy” and “prior to”; stylistic but harmless in vendored upstream docs. No action required.

vendor/gitlab.com/gitlab-org/api/client-go/README.md (1)

50-100: MD010 hard-tabs warnings originate from upstream docs – safe to suppress

The markdown linter will now scan vendor. Either:

  1. Exclude vendor/** in your .markdownlint.yaml, or
  2. Accept that upstream retains tabs for code snippets.

Changing upstream docs risks merge conflicts; consider option 1.

installer/charts/tssc-dh/templates/app-config-content.yaml (4)

21-31: Well-structured validation logic!

The validation ensures that required integration secrets exist for the selected auth provider and that only supported providers are configured. The error messages are clear and will help users quickly identify configuration issues.

57-57: Improved auth provider configuration approach!

Using explicit authProvider values instead of inferring from secret existence makes the configuration more predictable and maintainable. The GitLab auth provider configuration follows the established pattern.

Also applies to: 67-67, 83-84

111-114: GitLab catalog provider properly configured!

The catalog provider configuration correctly:

  • Conditions providers on RBAC being enabled
  • Implements GitLab catalog with organization-level access using the group parameter
  • Uses consistent scheduling parameters across providers

This aligns well with the GitLab single-group RBAC model mentioned in the learnings.

Also applies to: 125-135

201-201: RBAC limited to GitHub and GitLab providers.

The condition excludes Microsoft auth provider from RBAC configuration. This makes sense if Microsoft/Azure AD handles permissions differently.

Please confirm that Microsoft auth provider doesn't require RBAC configuration in Developer Hub.

vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go (1)

1-1282: Vendor file from GitLab client-go library.

This file is vendored from gitlab.com/gitlab-org/api/client-go and provides webhook event type definitions. As a vendor dependency, it should not be modified directly. Any issues or improvements should be contributed upstream.

vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go (1)

1-104: Vendor file from GitLab client-go library.

This file is vendored from gitlab.com/gitlab-org/api/client-go and implements the Dependencies API service. As a vendor dependency, it should not be modified directly.

vendor/gitlab.com/gitlab-org/api/client-go/appearance.go (1)

1-122: Vendor file from GitLab client-go library.

This file is vendored from gitlab.com/gitlab-org/api/client-go and implements the Appearance API service. As a vendor dependency, it should not be modified directly.

vendor/gitlab.com/gitlab-org/api/client-go/applications.go (1)

1-117: Vendor file from GitLab client-go library.

This file is vendored from gitlab.com/gitlab-org/api/client-go and implements the Applications API service. As a vendor dependency, it should not be modified directly.

vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go (1)

24-46: Note: Adding deprecated GitLab API client code

This vendor file implements the Epic Issues API which is deprecated and will be removed in GitLab API v5. Consider whether your application should be using the Work Items API instead to avoid future migration work.

vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go (1)

25-313: LGTM! Comprehensive webhook event parsing implementation

This vendor file provides robust parsing for GitLab webhook and system hook events with proper type safety and error handling.

vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go (1)

17-170: LGTM! Generic packages API client implementation

This vendor file properly implements file upload/download operations for GitLab's Generic Packages API with appropriate streaming and error handling.

vendor/gitlab.com/gitlab-org/api/client-go/deployments.go (1)

16-275: LGTM! Complete deployments API client implementation

This vendor file provides a comprehensive client for GitLab's Deployments API with proper version handling for filtering options.

vendor/gitlab.com/gitlab-org/api/client-go/epics.go (1)

25-51: Note: Adding deprecated GitLab Epics API client

This vendor file implements the Epics API which is deprecated and will be removed in GitLab API v5. Ensure your application plans for migration to the Work Items API.

vendor/gitlab.com/gitlab-org/api/client-go/discussions.go (1)

1-1185: Well-structured discussions service implementation.

The implementation provides comprehensive coverage of GitLab's discussions API with consistent patterns, proper error handling, and clear documentation.

vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go (1)

27-27: Go version compatibility confirmed

The project’s go.mod specifies Go 1.24, which fully supports maps.Copy (introduced in Go 1.21). No changes required.

vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go (2)

1-305: Vendor file aligns with PR objectives

This vendor file from the official GitLab API Go client library is appropriate for enabling GitLab catalog provider functionality. The deploy tokens API implementation will be useful for secure authentication when RBAC is enabled.

67-80: Pagination via RequestOptionFunc

The GET /deploy_tokens endpoint does support standard page and per_page parameters, and the ListAllDeployTokens method already accepts RequestOptionFunc options—among them WithListOptions—to control pagination. For example:

opts := &gitlab.ListOptions{Page: 2, PerPage: 50}
tokens, resp, err := client.DeployTokens.ListAllDeployTokens(gitlab.WithListOptions(opts))

No changes to the method signature are required. You may wish to document this usage if it isn’t already clear.

Likely an incorrect or invalid review comment.

vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go
GroupWikiRepositoriesSyncedCount int `json:"group_wiki_repositories_synced_count"`
GroupWikiRepositoriesFailedCount int `json:"group_wiki_repositories_failed_count"`
GroupWikiRepositoriesRegistryCount int `json:"group_wiki_repositories_registry_count"`
GrupWikiRepositoriesVerificationTotalCount int `json:"group_wiki_repositories_verification_total_count"`
Copy link

@coderabbitai coderabbitai bot Jul 30, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix typo in field name.

The field name has a typo - missing 'o' in "Group".

-	GrupWikiRepositoriesVerificationTotalCount      int               `json:"group_wiki_repositories_verification_total_count"`
+	GroupWikiRepositoriesVerificationTotalCount     int               `json:"group_wiki_repositories_verification_total_count"`
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go at line 307, the
struct field name "GrupWikiRepositoriesVerificationTotalCount" contains a typo
missing the letter 'o' in "Group". Rename the field to
"GroupWikiRepositoriesVerificationTotalCount" to correct the spelling.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we will not change vendor file directly

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@dperaza4dustbit You're absolutely right! Modifying vendor files directly goes against Go dependency management best practices, as I noted from our previous discussions. Vendor directories should remain untouched to ensure reproducible builds and prevent changes from being lost during dependency updates.

Since this is a typo in the upstream GitLab API client library, the proper approach would be to report this issue to the gitlab.com/gitlab-org/api/client-go repository so they can fix it in their codebase.

Would you like me to create a GitHub issue to track this upstream fix that needs to be made?

🧠 Learnings used 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: installer/charts/values.yaml.tpl:239-242
Timestamp: 2025-07-30T19:13:34.870Z
Learning: GitLab RBAC configuration uses single group concept and only requires adminUsers field, unlike GitHub which supports multiple orgs. The RBAC configuration in installer/charts/values.yaml.tpl should be platform-specific rather than forcing consistency between GitHub and GitLab.

Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go:128-128
Timestamp: 2025-07-30T19:30:19.421Z
Learning: The user prefers not to modify vendor files directly, following best practices for dependency management. Issues in vendor dependencies should be reported upstream rather than fixed locally.

Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go:11-13
Timestamp: 2025-07-30T19:30:03.684Z
Learning: Vendor files in Go projects should never be modified directly. The vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

@dperaza4dustbit
Copy link
Collaborator Author

@coderabbitai configuration

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Jul 30, 2025

CodeRabbit configuration 
language: en-US
tone_instructions: ''
early_access: false
enable_free_tier: true
reviews:
  profile: chill
  request_changes_workflow: false
  high_level_summary: true
  high_level_summary_placeholder: '@coderabbitai summary'
  high_level_summary_in_walkthrough: false
  auto_title_placeholder: '@coderabbitai'
  auto_title_instructions: ''
  review_status: true
  commit_status: true
  fail_commit_status: false
  collapse_walkthrough: false
  changed_files_summary: true
  sequence_diagrams: true
  estimate_code_review_effort: true
  assess_linked_issues: true
  related_issues: true
  related_prs: true
  suggested_labels: true
  auto_apply_labels: false
  suggested_reviewers: true
  auto_assign_reviewers: false
  poem: true
  labeling_instructions: []
  path_filters: []
  path_instructions: []
  abort_on_close: true
  disable_cache: false
  auto_review:
    enabled: true
    auto_incremental_review: true
    ignore_title_keywords: []
    labels: []
    drafts: false
    base_branches: []
  finishing_touches:
    docstrings:
      enabled: true
    unit_tests:
      enabled: true
  pre_merge_checks:
    docstrings:
      mode: warning
      threshold: 80
    title:
      mode: warning
      requirements: ''
    description:
      mode: warning
    issue_assessment:
      mode: warning
  tools:
    ast-grep:
      rule_dirs: []
      util_dirs: []
      essential_rules: true
      packages: []
    shellcheck:
      enabled: true
    ruff:
      enabled: true
    markdownlint:
      enabled: true
    github-checks:
      enabled: true
      timeout_ms: 90000
    languagetool:
      enabled: true
      enabled_rules: []
      disabled_rules: []
      enabled_categories: []
      disabled_categories: []
      enabled_only: false
      level: default
    biome:
      enabled: true
    hadolint:
      enabled: true
    swiftlint:
      enabled: true
    phpstan:
      enabled: true
      level: default
    phpmd:
      enabled: true
    phpcs:
      enabled: true
    golangci-lint:
      enabled: true
    yamllint:
      enabled: true
    gitleaks:
      enabled: true
    checkov:
      enabled: true
    detekt:
      enabled: true
    eslint:
      enabled: true
    flake8:
      enabled: true
    rubocop:
      enabled: true
    buf:
      enabled: true
    regal:
      enabled: true
    actionlint:
      enabled: true
    pmd:
      enabled: true
    cppcheck:
      enabled: true
    semgrep:
      enabled: true
    circleci:
      enabled: true
    clippy:
      enabled: true
    sqlfluff:
      enabled: true
    prismaLint:
      enabled: true
    pylint:
      enabled: true
    oxc:
      enabled: true
    shopifyThemeCheck:
      enabled: true
    luacheck:
      enabled: true
    brakeman:
      enabled: true
    dotenvLint:
      enabled: true
    htmlhint:
      enabled: true
    checkmake:
      enabled: true
chat:
  auto_reply: true
  integrations:
    jira:
      usage: auto
    linear:
      usage: auto
knowledge_base:
  opt_out: false
  web_search:
    enabled: true
  code_guidelines:
    enabled: true
    filePatterns: []
  learnings:
    scope: auto
  issues:
    scope: auto
  jira:
    usage: auto
    project_keys: []
  linear:
    usage: auto
    team_keys: []
  pull_requests:
    scope: auto
code_generation:
  docstrings:
    language: en-US
    path_instructions: []
  unit_tests:
    path_instructions: []

@coderabbitai coderabbitai bot mentioned this pull request Jul 30, 2025
Merged
@dperaza4dustbit
Copy link
Collaborator Author

A few minor comments, but looks good. I will hold the merge until after the creation of the 1.5 branch.

What do you mean after 1.5 branch, did you mean 1.7?

@Roming22
Copy link
Member

@dperaza4dustbit That's a comment from early April, it was a different time then ;)

Roming22
Roming22 approved these changes Jul 31, 2025
View reviewed changes
Copy link
Member

@Roming22 Roming22 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@Roming22
Copy link
Member

/retest

@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch from 0a44e90 to a2a8ffc Compare August 4, 2025 14:11
@openshift-ci openshift-ci bot removed the lgtm label Aug 4, 2025
coderabbitai[bot]
coderabbitai bot reviewed Aug 4, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

♻️ Duplicate comments (5)
vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go (1)

307-307: Typo in struct field name (vendor code - report upstream).

The field name GrupWikiRepositoriesVerificationTotalCount is missing an 'o' in "Group". Since this is vendor code, the appropriate action is to report this issue to the upstream GitLab client-go repository rather than modifying it locally.

vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go (1)

128-128: Pointer usage bug in response handling (vendor code - report upstream).

Line 128 passes &ets to s.client.Do(), but ets is already a pointer from new(ErrorTrackingSettings). This creates a pointer to a pointer which may cause JSON unmarshaling issues. Since this is vendor code, the appropriate action is to report this bug to the upstream GitLab client-go repository.

vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go (1)

192-192: Known upstream issue with incorrect URL tag

The ID field has an incorrect URL tag "primary,omitempty" which should be "id,omitempty". This is a known issue in the vendor dependency that should be reported upstream to gitlab.com/gitlab-org/api/client-go.

vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go (1)

62-62: Known upstream typo in struct field name

The field name IncludeDescendantGrouops contains a typo (should be IncludeDescendantGroups). This is a known issue in the vendor dependency that should be reported upstream to gitlab.com/gitlab-org/api/client-go.

vendor/gitlab.com/gitlab-org/api/client-go/commits.go (1)

391-392: Documentation inconsistency in vendor code

The comment mentions "both path, line_new and line_old are required" but the PostCommitCommentOptions struct only has Line and LineType fields. This should be reported to the upstream GitLab API client repository.

🧹 Nitpick comments (6)
vendor/gitlab.com/gitlab-org/api/client-go/Makefile (1)

3-19: Avoid committing development‐only tooling inside vendor/

This Makefile contains targets for formatting, linting, code-generation, etc. None of these steps are executed by the main project build; they are only useful when developing the upstream client-go library itself. Keeping such auxiliary files under vendor/ bloats the repository and causes noisy diffs each time go mod vendor is rerun. A slimmer vendor tree (Go sources + LICENSE) is reproducible and removes the temptation to edit vendored code.

Consider pruning non-essential artefacts during vendoring, e.g.:

# At vendoring time
find vendor/gitlab.com/gitlab-org/api/client-go -maxdepth 1 \
  \( -name 'Makefile' -o -name '.golangci.yml' -o -name '.gitlab-ci.yml' \) -delete

If you want to keep the full upstream sources for auditing purposes, please add a comment in hack/update-vendor.sh explaining the rationale so future maintainers know it is intentional.

Also applies to: 24-30, 31-37, 38-40

vendor/github.com/hashicorp/go-retryablehttp/Makefile (1)

1-12: Vendored Makefile is unnecessary for downstream builds

Similar to the previous file, this Makefile is useful only when hacking on go-retryablehttp itself. The main module never invokes these targets, so their presence merely increases the surface area for accidental edits (e.g., someone tweaks a linter flag locally and commits the diff).

Unless you have a concrete need to keep it, drop development artefacts during go mod vendor and rely on upstream tags for reproducibility.

vendor/github.com/hashicorp/go-retryablehttp/client.go (2)

408-408: Consider using a proper interface type for Logger field

The Logger field uses interface{} type which reduces compile-time type safety. The runtime panic in the logger() method could occur in production despite the comment suggesting otherwise.

Consider defining a union interface or using generics to ensure type safety at compile time:

type LoggerInterface interface {
    Logger | LeveledLogger
}

Or handle the invalid type case more gracefully without panicking.

Also applies to: 452-468

630-630: Minor performance optimization: avoid creating random source on each call

Creating a new random source on every LinearJitterBackoff call adds unnecessary overhead. Consider using a shared random source or sync.Pool for better performance.

vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go (2)

67-82: Consider using a named type for the User field

The anonymous struct for the User field could be extracted to a named type for better reusability across the codebase.

+// User represents a GitLab user in award emoji context
+type User struct {
+	Name      string `json:"name"`
+	Username  string `json:"username"`
+	ID        int    `json:"id"`
+	State     string `json:"state"`
+	AvatarURL string `json:"avatar_url"`
+	WebURL    string `json:"web_url"`
+}
+
 // AwardEmoji represents a GitLab Award Emoji.
 //
 // GitLab API docs: https://docs.gitlab.com/api/emoji_reactions/
 type AwardEmoji struct {
 	ID   int    `json:"id"`
 	Name string `json:"name"`
-	User struct {
-		Name      string `json:"name"`
-		Username  string `json:"username"`
-		ID        int    `json:"id"`
-		State     string `json:"state"`
-		AvatarURL string `json:"avatar_url"`
-		WebURL    string `json:"web_url"`
-	} `json:"user"`
+	User          User       `json:"user"`
 	CreatedAt     *time.Time `json:"created_at"`
 	UpdatedAt     *time.Time `json:"updated_at"`
 	AwardableID   int        `json:"awardable_id"`
 	AwardableType string     `json:"awardable_type"`
 }

1-499: Note: This is vendor code

This file is part of the vendored GitLab API client library. Any fixes to the documentation issues should ideally be contributed upstream to gitlab.com/gitlab-org/api/client-go rather than modified locally.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0a44e90 and a2a8ffc.

⛔ Files ignored due to path filters (2)
  • go.sum is excluded by !**/*.sum
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.lock is excluded by !**/*.lock
📒 Files selected for processing (99)
  • go.mod (2 hunks)
  • installer/charts/tssc-dh/templates/app-config-content.yaml (7 hunks)
  • installer/charts/tssc-dh/templates/extra-env.yaml (1 hunks)
  • installer/charts/tssc-dh/templates/plugins-content.yaml (1 hunks)
  • installer/charts/values.yaml.tpl (1 hunks)
  • installer/config.yaml (1 hunks)
  • pkg/integrations/gitlab.go (7 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/LICENSE (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/README.md (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/cleanhttp.go (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/doc.go (1 hunks)
  • vendor/github.com/hashicorp/go-cleanhttp/handlers.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.gitignore (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.go-version (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/.golangci.yml (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/CODEOWNERS (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/LICENSE (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/Makefile (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/README.md (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/client.go (1 hunks)
  • vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitignore (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/LICENSE (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/Makefile (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/README.md (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/appearance.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/applications.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/avatar.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/branches.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.gen.yaml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.yaml (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/bulk_imports.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/client_options.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/commits.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/context.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/discussions.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dockerfile_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/environments.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/epics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/events.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/gitignore_templates.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/graphql.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go (1 hunks)
  • vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go (1 hunks)
✅ Files skipped from review due to trivial changes (11)
  • installer/config.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/Dangerfile
  • vendor/gitlab.com/gitlab-org/api/client-go/context.go
  • vendor/gitlab.com/gitlab-org/api/client-go/gitignore_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/application_statistics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dockerfile_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_epic_boards.go
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go
  • vendor/gitlab.com/gitlab-org/api/client-go/LICENSE
  • vendor/github.com/hashicorp/go-retryablehttp/LICENSE
  • vendor/gitlab.com/gitlab-org/api/client-go/.golangci.yml
🚧 Files skipped from review as they are similar to previous changes (61)
  • vendor/github.com/hashicorp/go-cleanhttp/doc.go
  • vendor/github.com/hashicorp/go-retryablehttp/.golangci.yml
  • vendor/github.com/hashicorp/go-retryablehttp/.go-version
  • vendor/github.com/hashicorp/go-retryablehttp/.gitignore
  • installer/charts/tssc-dh/templates/extra-env.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitignore
  • vendor/gitlab.com/gitlab-org/api/client-go/.tool-versions
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.gen.yaml
  • installer/charts/values.yaml.tpl
  • vendor/gitlab.com/gitlab-org/api/client-go/buf.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/commitlint.config.mjs
  • installer/charts/tssc-dh/templates/plugins-content.yaml
  • vendor/gitlab.com/gitlab-org/api/client-go/database_migrations.go
  • vendor/github.com/hashicorp/go-cleanhttp/handlers.go
  • vendor/gitlab.com/gitlab-org/api/client-go/deployments_merge_requests.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_proxy.go
  • vendor/gitlab.com/gitlab-org/api/client-go/appearance.go
  • vendor/gitlab.com/gitlab-org/api/client-go/graphql.go
  • vendor/gitlab.com/gitlab-org/api/client-go/ci_yml_templates.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dependencies.go
  • vendor/gitlab.com/gitlab-org/api/client-go/avatar.go
  • vendor/gitlab.com/gitlab-org/api/client-go/.gitlab-ci.yml
  • vendor/gitlab.com/gitlab-org/api/client-go/client_options.go
  • vendor/gitlab.com/gitlab-org/api/client-go/event_systemhook_types.go
  • vendor/gitlab.com/gitlab-org/api/client-go/CHANGELOG.md
  • vendor/gitlab.com/gitlab-org/api/client-go/group_activity_analytics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_markdown_uploads.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_import_export.go
  • vendor/gitlab.com/gitlab-org/api/client-go/access_requests.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dora_metrics.go
  • vendor/gitlab.com/gitlab-org/api/client-go/generic_packages.go
  • vendor/gitlab.com/gitlab-org/api/client-go/alert_management.go
  • vendor/gitlab.com/gitlab-org/api/client-go/freeze_periods.go
  • vendor/gitlab.com/gitlab-org/api/client-go/epic_issues.go
  • vendor/gitlab.com/gitlab-org/api/client-go/dependency_list_export.go
  • vendor/gitlab.com/gitlab-org/api/client-go/applications.go
  • go.mod
  • vendor/gitlab.com/gitlab-org/api/client-go/boards.go
  • vendor/gitlab.com/gitlab-org/api/client-go/event_parsing.go
  • vendor/github.com/hashicorp/go-retryablehttp/CODEOWNERS
  • vendor/github.com/hashicorp/go-retryablehttp/cert_error_go119.go
  • vendor/gitlab.com/gitlab-org/api/client-go/audit_events.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_hooks.go
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_badges.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_boards.go
  • vendor/gitlab.com/gitlab-org/api/client-go/deploy_keys.go
  • vendor/gitlab.com/gitlab-org/api/client-go/external_status_checks.go
  • vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go
  • vendor/github.com/hashicorp/go-cleanhttp/LICENSE
  • vendor/gitlab.com/gitlab-org/api/client-go/group_access_tokens.go
  • vendor/gitlab.com/gitlab-org/api/client-go/broadcast_messages.go
  • vendor/gitlab.com/gitlab-org/api/client-go/container_registry_protection_rules.go
  • vendor/github.com/hashicorp/go-cleanhttp/cleanhttp.go
  • pkg/integrations/gitlab.go
  • vendor/gitlab.com/gitlab-org/api/client-go/event_webhook_types.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_iterations.go
  • vendor/gitlab.com/gitlab-org/api/client-go/bulk_imports.go
  • vendor/gitlab.com/gitlab-org/api/client-go/enterprise_users.go
  • vendor/gitlab.com/gitlab-org/api/client-go/environments.go
  • vendor/gitlab.com/gitlab-org/api/client-go/draft_notes.go
🧰 Additional context used
🧠 Learnings (3)
📚 Learning: the user prefers not to modify vendor files directly, following best practices for dependency manage... 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go:128-128
Timestamp: 2025-07-30T19:30:19.476Z
Learning: The user prefers not to modify vendor files directly, following best practices for dependency management. Issues in vendor dependencies should be reported upstream rather than fixed locally.

Applied to files:

  • vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go
  • vendor/gitlab.com/gitlab-org/api/client-go/commits.go
📚 Learning: vendor files in go projects should never be modified directly. the vendor directory contains third-p... 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: vendor/github.com/hashicorp/go-retryablehttp/cert_error_go120.go:11-13
Timestamp: 2025-07-30T19:30:03.684Z
Learning: Vendor files in Go projects should never be modified directly. The vendor directory contains third-party dependencies that should remain unmodified to ensure reproducible builds and proper dependency management. Any changes would be lost during dependency updates.

Applied to files:

  • vendor/gitlab.com/gitlab-org/api/client-go/error_tracking.go
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go
  • vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go
  • vendor/gitlab.com/gitlab-org/api/client-go/geo_sites.go
  • vendor/gitlab.com/gitlab-org/api/client-go/commits.go
  • vendor/github.com/hashicorp/go-retryablehttp/Makefile
  • vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md
  • vendor/gitlab.com/gitlab-org/api/client-go/Makefile
📚 Learning: gitlab rbac configuration uses single group concept and only requires adminusers field, unlike githu... 
Learnt from: dperaza4dustbit
PR: redhat-appstudio/rhtap-cli#599
File: installer/charts/values.yaml.tpl:239-242
Timestamp: 2025-07-30T19:13:34.870Z
Learning: GitLab RBAC configuration uses single group concept and only requires adminUsers field, unlike GitHub which supports multiple orgs. The RBAC configuration in installer/charts/values.yaml.tpl should be platform-specific rather than forcing consistency between GitHub and GitLab.

Applied to files:

  • installer/charts/tssc-dh/templates/app-config-content.yaml
🪛 LanguageTool
vendor/github.com/hashicorp/go-cleanhttp/README.md

[style] ~18-~18: As an alternative to the over-used intensifier ‘very’, consider replacing this phrase.
Context: ...ll. With enough dependencies, it can be very easy to encounter strange problems and race ...

(EN_WEAK_ADJECTIVE)

vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md

[style] ~29-~29: Consider using a different verb for a more formal wording.
Context: ....4 (Jun 6, 2023) BUG FIXES: - client: fixing an issue where the Content-Type header ...

(FIX_RESOLVE)

vendor/github.com/hashicorp/go-retryablehttp/README.md

[style] ~13-~13: As an alternative to the over-used intensifier ‘very’, consider replacing this phrase.
Context: ... public API. This makes retryablehttp very easy to drop into existing programs. `retry...

(EN_WEAK_ADJECTIVE)

[style] ~28-~28: ‘prior to’ might be wordy. Consider a shorter alternative.
Context: ...0.6.0 and before are compatible with Go prior to 1.12. From 0.6.1 onward, Go 1.12+ is re...

(EN_WORDINESS_PREMIUM_PRIOR_TO)

vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md

[locale-violation] ~26-~26: In American English, “take a look” is more commonly used.
Context: ...ab.com/gitlab-community/api/client-go). Have a look at the [community fork README](https://...

(HAVE_A_LOOK)

vendor/gitlab.com/gitlab-org/api/client-go/README.md

[style] ~178-~178: As a shorter alternative for ‘able to’, consider using “can”.
Context: ...ng ``` An application with client-go is able to effortlessly create a new client using ...

(BE_ABLE_TO)

[locale-violation] ~284-~284: In American English, “take a look” is more commonly used.
Context: ...itlab.ClusterAgentsInterface. You can have a look at [testing/client.go`](/testing.clien...

(HAVE_A_LOOK)

[style] ~304-~304: This phrase is redundant. Consider using “outside”.
Context: ...packaged as a part of GitLab, and falls outside of the scope of support. For more informa...

(OUTSIDE_OF)

🪛 checkmake (0.2.2)
vendor/github.com/hashicorp/go-retryablehttp/Makefile

[warning] 11-11: Missing required phony target "all"

(minphony)

[warning] 11-11: Missing required phony target "clean"

(minphony)

vendor/gitlab.com/gitlab-org/api/client-go/Makefile

[warning] 31-31: Missing required phony target "all"

(minphony)

[warning] 31-31: Missing required phony target "test"

(minphony)

[warning] 9-9: Target "reviewable" should be declared PHONY.

(phonydeclared)

🪛 markdownlint-cli2 (0.17.2)
vendor/gitlab.com/gitlab-org/api/client-go/README.md

57-57: Hard tabs
Column: 1

(MD010, no-hard-tabs)

59-59: Hard tabs
Column: 1

(MD010, no-hard-tabs)

63-63: Hard tabs
Column: 1

(MD010, no-hard-tabs)

64-64: Hard tabs
Column: 1

(MD010, no-hard-tabs)

65-65: Hard tabs
Column: 1

(MD010, no-hard-tabs)

66-66: Hard tabs
Column: 1

(MD010, no-hard-tabs)

68-68: Hard tabs
Column: 1

(MD010, no-hard-tabs)

69-69: Hard tabs
Column: 1

(MD010, no-hard-tabs)

70-70: Hard tabs
Column: 1

(MD010, no-hard-tabs)

71-71: Hard tabs
Column: 1

(MD010, no-hard-tabs)

72-72: Hard tabs
Column: 1

(MD010, no-hard-tabs)

73-73: Hard tabs
Column: 1

(MD010, no-hard-tabs)

74-74: Hard tabs
Column: 1

(MD010, no-hard-tabs)

75-75: Hard tabs
Column: 1

(MD010, no-hard-tabs)

76-76: Hard tabs
Column: 1

(MD010, no-hard-tabs)

77-77: Hard tabs
Column: 1

(MD010, no-hard-tabs)

78-78: Hard tabs
Column: 1

(MD010, no-hard-tabs)

79-79: Hard tabs
Column: 1

(MD010, no-hard-tabs)

81-81: Hard tabs
Column: 1

(MD010, no-hard-tabs)

82-82: Hard tabs
Column: 1

(MD010, no-hard-tabs)

83-83: Hard tabs
Column: 1

(MD010, no-hard-tabs)

84-84: Hard tabs
Column: 1

(MD010, no-hard-tabs)

85-85: Hard tabs
Column: 1

(MD010, no-hard-tabs)

86-86: Hard tabs
Column: 1

(MD010, no-hard-tabs)

87-87: Hard tabs
Column: 1

(MD010, no-hard-tabs)

88-88: Hard tabs
Column: 1

(MD010, no-hard-tabs)

89-89: Hard tabs
Column: 1

(MD010, no-hard-tabs)

90-90: Hard tabs
Column: 1

(MD010, no-hard-tabs)

91-91: Hard tabs
Column: 1

(MD010, no-hard-tabs)

103-103: Hard tabs
Column: 1

(MD010, no-hard-tabs)

104-104: Hard tabs
Column: 1

(MD010, no-hard-tabs)

105-105: Hard tabs
Column: 1

(MD010, no-hard-tabs)

107-107: Hard tabs
Column: 1

(MD010, no-hard-tabs)

108-108: Hard tabs
Column: 1

(MD010, no-hard-tabs)

112-112: Hard tabs
Column: 1

(MD010, no-hard-tabs)

113-113: Hard tabs
Column: 1

(MD010, no-hard-tabs)

114-114: Hard tabs
Column: 1

(MD010, no-hard-tabs)

115-115: Hard tabs
Column: 1

(MD010, no-hard-tabs)

116-116: Hard tabs
Column: 1

(MD010, no-hard-tabs)

117-117: Hard tabs
Column: 1

(MD010, no-hard-tabs)

119-119: Hard tabs
Column: 1

(MD010, no-hard-tabs)

120-120: Hard tabs
Column: 1

(MD010, no-hard-tabs)

121-121: Hard tabs
Column: 1

(MD010, no-hard-tabs)

123-123: Hard tabs
Column: 1

(MD010, no-hard-tabs)

124-124: Hard tabs
Column: 1

(MD010, no-hard-tabs)

125-125: Hard tabs
Column: 1

(MD010, no-hard-tabs)

126-126: Hard tabs
Column: 1

(MD010, no-hard-tabs)

128-128: Hard tabs
Column: 1

(MD010, no-hard-tabs)

129-129: Hard tabs
Column: 1

(MD010, no-hard-tabs)

130-130: Hard tabs
Column: 1

(MD010, no-hard-tabs)

131-131: Hard tabs
Column: 1

(MD010, no-hard-tabs)

133-133: Hard tabs
Column: 1

(MD010, no-hard-tabs)

134-134: Hard tabs
Column: 1

(MD010, no-hard-tabs)

135-135: Hard tabs
Column: 1

(MD010, no-hard-tabs)

136-136: Hard tabs
Column: 1

(MD010, no-hard-tabs)

138-138: Hard tabs
Column: 1

(MD010, no-hard-tabs)

184-184: Hard tabs
Column: 1

(MD010, no-hard-tabs)

185-185: Hard tabs
Column: 1

(MD010, no-hard-tabs)

187-187: Hard tabs
Column: 1

(MD010, no-hard-tabs)

188-188: Hard tabs
Column: 1

(MD010, no-hard-tabs)

192-192: Hard tabs
Column: 1

(MD010, no-hard-tabs)

193-193: Hard tabs
Column: 1

(MD010, no-hard-tabs)

194-194: Hard tabs
Column: 1

(MD010, no-hard-tabs)

195-195: Hard tabs
Column: 1

(MD010, no-hard-tabs)

196-196: Hard tabs
Column: 1

(MD010, no-hard-tabs)

197-197: Hard tabs
Column: 1

(MD010, no-hard-tabs)

198-198: Hard tabs
Column: 1

(MD010, no-hard-tabs)

199-199: Hard tabs
Column: 1

(MD010, no-hard-tabs)

200-200: Hard tabs
Column: 1

(MD010, no-hard-tabs)

201-201: Hard tabs
Column: 1

(MD010, no-hard-tabs)

202-202: Hard tabs
Column: 1

(MD010, no-hard-tabs)

203-203: Hard tabs
Column: 1

(MD010, no-hard-tabs)

204-204: Hard tabs
Column: 1

(MD010, no-hard-tabs)

205-205: Hard tabs
Column: 1

(MD010, no-hard-tabs)

207-207: Hard tabs
Column: 1

(MD010, no-hard-tabs)

208-208: Hard tabs
Column: 1

(MD010, no-hard-tabs)

209-209: Hard tabs
Column: 1

(MD010, no-hard-tabs)

210-210: Hard tabs
Column: 1

(MD010, no-hard-tabs)

211-211: Hard tabs
Column: 1

(MD010, no-hard-tabs)

213-213: Hard tabs
Column: 1

(MD010, no-hard-tabs)

214-214: Hard tabs
Column: 1

(MD010, no-hard-tabs)

215-215: Hard tabs
Column: 1

(MD010, no-hard-tabs)

216-216: Hard tabs
Column: 1

(MD010, no-hard-tabs)

218-218: Hard tabs
Column: 1

(MD010, no-hard-tabs)

219-219: Hard tabs
Column: 1

(MD010, no-hard-tabs)

220-220: Hard tabs
Column: 1

(MD010, no-hard-tabs)

221-221: Hard tabs
Column: 1

(MD010, no-hard-tabs)

222-222: Hard tabs
Column: 1

(MD010, no-hard-tabs)

224-224: Hard tabs
Column: 1

(MD010, no-hard-tabs)

274-274: Hard tabs
Column: 1

(MD010, no-hard-tabs)

275-275: Hard tabs
Column: 1

(MD010, no-hard-tabs)

276-276: Hard tabs
Column: 1

(MD010, no-hard-tabs)

278-278: Hard tabs
Column: 1

(MD010, no-hard-tabs)

294-294: Bare URL used

(MD034, no-bare-urls)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Red Hat Konflux / rhtap-cli-on-pull-request
🔇 Additional comments (24)
vendor/github.com/hashicorp/go-cleanhttp/README.md (1)

16-21: Documentation-only change – no action required

README looks fine; keeping upstream license and docs is good practice.

vendor/github.com/hashicorp/go-retryablehttp/README.md (1)

10-19: Docs are intact; no code review concerns

Nothing to flag here—this is upstream documentation.

Also applies to: 28-33, 48-60

vendor/github.com/hashicorp/go-retryablehttp/CHANGELOG.md (1)

1-34: Changelog retained – OK

Keeping the changelog is useful for tracking upstream fixes.

vendor/gitlab.com/gitlab-org/api/client-go/CONTRIBUTING.md (1)

1-59: LGTM - Vendor documentation file properly added.

This CONTRIBUTING.md file is part of the new GitLab Go client library dependency being added to the vendor directory. The file provides comprehensive contribution guidelines including development setup, coding standards, and workflow instructions.

vendor/gitlab.com/gitlab-org/api/client-go/README.md (1)

1-318: LGTM - Comprehensive vendor documentation.

This README provides excellent documentation for the GitLab Go client library, including installation instructions, usage examples with different authentication methods (OAuth2, config-based), and testing guidance. The documentation is thorough and will help developers understand how to use the new GitLab client functionality.

installer/charts/tssc-dh/templates/app-config-content.yaml (4)

21-30: Excellent validation logic for auth provider requirements.

The new validation ensures that the required integration secret exists for the selected authentication provider and validates that the authProvider value is among the supported options. This prevents runtime configuration errors and provides clear feedback to users.

57-57: Auth provider configuration properly updated.

The changes correctly shift from secret-presence-based logic to explicit provider selection using .Values.developerHub.authProvider. The GitLab configuration includes appropriate conditional logic for enterprise instances and resolvers for user authentication.

Also applies to: 67-67, 83-99

111-136: GitLab catalog provider configuration well-implemented.

The new GitLab catalog provider configuration follows the same pattern as the existing GitHub configuration, with proper conditional rendering based on RBAC enablement and auth provider selection. The configuration includes all necessary fields for GitLab integration (host, group, scheduling).

201-201: RBAC enablement correctly restricted to supported providers.

The condition properly limits RBAC enablement to GitHub and GitLab providers only, which aligns with the platforms that support organizational/group-based access control.

vendor/gitlab.com/gitlab-org/api/client-go/feature_flag_user_lists.go (1)

1-205: LGTM - Standard vendor API client implementation.

This file implements a complete GitLab Feature Flag User Lists API client service with proper CRUD operations, error handling, and HTTP method usage. It's part of the new GitLab Go client library dependency and follows standard Go API client patterns.

vendor/gitlab.com/gitlab-org/api/client-go/branches.go (1)

1-196: LGTM - Complete branch management API client.

This file provides a comprehensive GitLab branches API client with all standard operations (list, get, create, delete) including support for deleting merged branches. The implementation follows proper Go API client patterns with appropriate error handling and URL escaping.

vendor/gitlab.com/gitlab-org/api/client-go/feature_flags.go (1)

1-173: Vendor code - no modifications suggested.

This is a well-structured GitLab API client implementation for feature flags functionality. The code follows standard Go conventions with proper error handling, URL escaping, and HTTP method usage. Since this is vendor code, any issues should be reported upstream to the GitLab client-go project.

vendor/gitlab.com/gitlab-org/api/client-go/deployments.go (1)

1-275: Vendor code - no modifications suggested.

This deployments API client implementation follows standard patterns with proper REST method mapping, project ID parsing, and version-aware filtering options for different GitLab versions. The code structure is consistent with GitLab API conventions. Since this is vendor code, any issues should be addressed in the upstream repository.

vendor/gitlab.com/gitlab-org/api/client-go/epics.go (1)

1-311: Vendor code with proper deprecation notices.

This epics API client implementation is properly marked as deprecated throughout, with clear guidance to migrate to the Work Items API before GitLab API v5. The implementation follows standard patterns with appropriate HTTP method usage and error handling. Since this is vendor code, any issues should be addressed upstream.

vendor/gitlab.com/gitlab-org/api/client-go/geo_nodes.go (1)

24-53: Note: Using deprecated Geo Nodes API

This entire service interface and implementation is marked as deprecated and scheduled for removal in API v5. Consider using the Geo Sites API instead for new implementations.

vendor/gitlab.com/gitlab-org/api/client-go/discussions.go (1)

1-1184: New vendor dependency for GitLab Discussions API

This vendor file provides comprehensive client support for GitLab's Discussions API across multiple resource types. The implementation appears complete and follows standard GitLab API client patterns.

vendor/gitlab.com/gitlab-org/api/client-go/events.go (1)

1-241: New vendor dependency for GitLab Events API

This vendor file adds support for GitLab's Events API, enabling tracking of user contributions and project events. The implementation follows standard GitLab client patterns.

vendor/gitlab.com/gitlab-org/api/client-go/group_labels.go (1)

1-293: New vendor dependency for GitLab Group Labels API

This vendor file adds support for managing GitLab group labels. The implementation provides full CRUD operations and subscription management for group labels.

vendor/gitlab.com/gitlab-org/api/client-go/group_clusters.go (1)

24-52: Warning: Using deprecated Group Clusters API

This entire service is deprecated since GitLab 14.5 and will be removed in GitLab 19.0. Avoid using this API for new implementations and plan migration for any existing usage.

vendor/gitlab.com/gitlab-org/api/client-go/cluster_agents.go (1)

1-310: Vendor file - no modifications needed

This vendor file from the GitLab API client library appears well-structured and follows Go best practices. No critical issues identified that would require upstream reporting.

vendor/gitlab.com/gitlab-org/api/client-go/deploy_tokens.go (1)

1-305: Vendor file - no modifications needed

This vendor file implements GitLab's Deploy Tokens API client functionality. The code is well-structured with consistent error handling and documentation. No critical issues identified.

vendor/gitlab.com/gitlab-org/api/client-go/custom_attributes.go (1)

1-208: Vendor file - no modifications needed

This vendor file provides custom attributes API functionality. Good design pattern using helper methods to handle common operations across different resource types (users, groups, projects). No issues identified.

vendor/gitlab.com/gitlab-org/api/client-go/gitlab.go (1)

1-1205: Vendor file - core client implementation

This is the main GitLab API client implementation with comprehensive features including:

  • Multiple authentication methods (OAuth, private tokens, job tokens)
  • Sophisticated rate limiting with adaptive configuration
  • Retry logic with exponential backoff
  • Proper error handling and response parsing

The implementation appears robust and well-designed. No critical issues identified.

vendor/gitlab.com/gitlab-org/api/client-go/commits.go (1)

1-636: Vendor file - commits API implementation

Apart from the documentation issue noted above, this vendor file provides comprehensive commit API functionality including:

  • Commit listing, retrieval, and creation
  • Diff and comment management
  • Status handling and merge request associations
  • Cherry-pick and revert operations
  • GPG signature retrieval

The implementation follows consistent patterns with other API client files.

vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go
Comment on lines +205 to +227
// CreateMergeRequestAwardEmoji get an award emoji from merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
}

// CreateIssueAwardEmoji get an award emoji from issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardIssue, issueIID, opt, options...)
}

// CreateSnippetAwardEmoji get an award emoji from snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix incorrect documentation for create methods

The comments incorrectly state "get an award emoji" for methods that create award emojis.

-// CreateMergeRequestAwardEmoji get an award emoji from merge request.
+// CreateMergeRequestAwardEmoji creates an award emoji on a merge request.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
 func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
 }

-// CreateIssueAwardEmoji get an award emoji from issue.
+// CreateIssueAwardEmoji creates an award emoji on an issue.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
 func (s *AwardEmojiService) CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardIssue, issueIID, opt, options...)
 }

-// CreateSnippetAwardEmoji get an award emoji from snippet.
+// CreateSnippetAwardEmoji creates an award emoji on a snippet.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
 func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
// CreateMergeRequestAwardEmoji get an award emoji from merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
}
// CreateIssueAwardEmoji get an award emoji from issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardIssue, issueIID, opt, options...)
}
// CreateSnippetAwardEmoji get an award emoji from snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
}
// CreateMergeRequestAwardEmoji creates an award emoji on a merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateMergeRequestAwardEmoji(pid any, mergeRequestIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardMergeRequest, mergeRequestIID, opt, options...)
}
// CreateIssueAwardEmoji creates an award emoji on an issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateIssueAwardEmoji(pid any, issueIID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardIssue, issueIID, opt, options...)
}
// CreateSnippetAwardEmoji creates an award emoji on a snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction
func (s *AwardEmojiService) CreateSnippetAwardEmoji(pid any, snippetID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmoji(pid, awardSnippets, snippetID, opt, options...)
}
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go lines 205 to 227,
the comments for CreateMergeRequestAwardEmoji, CreateIssueAwardEmoji, and
CreateSnippetAwardEmoji incorrectly say "get an award emoji" while these methods
actually create award emojis. Update the comments to correctly reflect that
these methods create new award emojis instead of getting them.

vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go
Comment on lines +399 to +422
// CreateIssuesAwardEmojiOnNote gets an award emoji on a note from an issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
}

// CreateMergeRequestAwardEmojiOnNote gets an award emoji on a note from a
// merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
}

// CreateSnippetAwardEmojiOnNote gets an award emoji on a note from a snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix incorrect documentation for create note emoji methods

The comments incorrectly state "gets an award emoji" for methods that create award emojis on notes.

-// CreateIssuesAwardEmojiOnNote gets an award emoji on a note from an issue.
+// CreateIssuesAwardEmojiOnNote creates an award emoji on a note from an issue.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
 func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
 }

-// CreateMergeRequestAwardEmojiOnNote gets an award emoji on a note from a
+// CreateMergeRequestAwardEmojiOnNote creates an award emoji on a note from a
 // merge request.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
 func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
 }

-// CreateSnippetAwardEmojiOnNote gets an award emoji on a note from a snippet.
+// CreateSnippetAwardEmojiOnNote creates an award emoji on a note from a snippet.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
 func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
 	return s.createAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
 }
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
// CreateIssuesAwardEmojiOnNote gets an award emoji on a note from an issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
}
// CreateMergeRequestAwardEmojiOnNote gets an award emoji on a note from a
// merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
}
// CreateSnippetAwardEmojiOnNote gets an award emoji on a note from a snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
}
// CreateIssuesAwardEmojiOnNote creates an award emoji on a note from an issue.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateIssuesAwardEmojiOnNote(pid any, issueID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardIssue, issueID, noteID, opt, options...)
}
// CreateMergeRequestAwardEmojiOnNote creates an award emoji on a note from a
// merge request.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateMergeRequestAwardEmojiOnNote(pid any, mergeRequestIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardMergeRequest, mergeRequestIID, noteID, opt, options...)
}
// CreateSnippetAwardEmojiOnNote creates an award emoji on a note from a snippet.
//
// GitLab API docs:
// https://docs.gitlab.com/api/emoji_reactions/#add-a-new-emoji-reaction-to-a-comment
func (s *AwardEmojiService) CreateSnippetAwardEmojiOnNote(pid any, snippetIID, noteID int, opt *CreateAwardEmojiOptions, options ...RequestOptionFunc) (*AwardEmoji, *Response, error) {
return s.createAwardEmojiOnNote(pid, awardSnippets, snippetIID, noteID, opt, options...)
}
🤖 Prompt for AI Agents 
In vendor/gitlab.com/gitlab-org/api/client-go/award_emojis.go around lines 399
to 422, the comments for the methods CreateIssuesAwardEmojiOnNote,
CreateMergeRequestAwardEmojiOnNote, and CreateSnippetAwardEmojiOnNote
incorrectly say "gets an award emoji" when these methods actually create award
emojis on notes. Update the comments to accurately reflect that these methods
create award emojis on notes, changing "gets" to "creates" or similar wording to
clarify their purpose.

Roming22
Roming22 approved these changes Aug 4, 2025
View reviewed changes
Copy link
Member

@Roming22 Roming22 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Aug 4, 2025
@openshift-ci OpenShift CI
Copy link

openshift-ci bot commented Aug 4, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dperaza4dustbit, Roming22

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dperaza4dustbit dperaza4dustbit force-pushed the gitlab_rbac_integration branch from a2a8ffc to 6fffb9c Compare August 4, 2025 16:34
@openshift-ci openshift-ci bot removed the lgtm label Aug 4, 2025
@Roming22 Roming22 added the lgtm label Aug 4, 2025
@Roming22 Roming22 force-pushed the gitlab_rbac_integration branch from 6fffb9c to ba883df Compare August 5, 2025 11:59
@openshift-ci openshift-ci bot removed the lgtm label Aug 5, 2025
@Roming22
Copy link
Member

Roming22 commented Aug 5, 2025

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Aug 5, 2025
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Aug 5, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
2 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.9% Duplication on New Code

See analysis details on SonarQube Cloud

@openshift-merge-bot openshift-merge-bot bot merged commit a6329fb into redhat-appstudio:main Aug 5, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@Roming22 Roming22 Roming22 approved these changes

@jkopriva jkopriva Awaiting requested review from jkopriva

@xinredhat xinredhat Awaiting requested review from xinredhat

@prietyc123 prietyc123 Awaiting requested review from prietyc123

@rhopp rhopp Awaiting requested review from rhopp

Assignees

@Roming22 Roming22

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dperaza4dustbit @Roming22