[Draft] add OpenShift service account JWTs to authenticate proxy pods to Vault

[sallyom]

Use OpenShift service account JWTs to authenticate proxy pods to Vault

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: b2eddcd0-a428-498d-8f04-2868a513b603

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov-commenter]

Codecov Report

❌ Patch coverage is 54.15162% with 127 lines in your changes missing coverage. Please review.
✅ Project coverage is 77.36%. Comparing base (d54ba10) to head (8f4d16c).

Files with missing lines	Patch %	Lines
internal/controller/claw_egress.go	0.00%	38 Missing ⚠️
internal/controller/claw_credentials.go	31.37%	30 Missing and 5 partials ⚠️
internal/controller/claw_proxy.go	70.00%	20 Missing and 13 partials ⚠️
internal/proxy/credential_source.go	54.16%	11 Missing ⚠️
internal/controller/claw_resource_controller.go	16.66%	3 Missing and 2 partials ⚠️
internal/proxy/injector_gcp.go	85.00%	3 Missing ⚠️
internal/proxy/injector_apikey.go	71.42%	1 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #192      +/-   ##
==========================================
- Coverage   78.92%   77.36%   -1.56%     
==========================================
  Files          32       33       +1     
  Lines        4176     4414     +238     
==========================================
+ Hits         3296     3415     +119     
- Misses        563      664     +101     
- Partials      317      335      +18     

Files with missing lines	Coverage Δ
internal/proxy/config.go	100.00% <ø> (ø)
internal/proxy/injector_bearer.go	100.00% <100.00%> (ø)
internal/proxy/injector_oauth2.go	95.12% <100.00%> (+0.12%)	⬆️
internal/proxy/injector_pathtoken.go	100.00% <100.00%> (ø)
internal/proxy/injector_apikey.go	90.00% <71.42%> (+0.52%)	⬆️
internal/proxy/injector_gcp.go	57.89% <85.00%> (+9.45%)	⬆️
internal/controller/claw_resource_controller.go	64.76% <16.66%> (-0.34%)	⬇️
internal/proxy/credential_source.go	54.16% <54.16%> (ø)
internal/controller/claw_proxy.go	79.53% <70.00%> (-2.79%)	⬇️
internal/controller/claw_credentials.go	71.29% <31.37%> (-6.89%)	⬇️
... and 1 more

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.