chore: update linter and fix lints

[feichashao]

What type of PR is this?

• fix (Bug Fix)
• feat (New Feature)
• docs (Documentation)
• test (Test Coverage)
• chore (Clean Up / Maintenance Tasks)
• other (Anything that doesn't fit the above)

What this PR does / Why we need it?

This PR updates the golangci-lint version and updates the install script URL as per https://golangci-lint.run/docs/welcome/install/local/ .

This PR also fixes some lint checks which are discovered in the new linter version.

Which Jira/Github issue(s) does this PR fix?

• Related Issue #
• Closes #

Special notes for your reviewer

Unit Test Coverage

Guidelines

• If it's a new sub-command or new function to an existing sub-command, please cover at least 50% of the code
• If it's a bug fix for an existing sub-command, please cover 70% of the code

Test coverage checks

• Added unit tests
• Created jira card to add unit test
• This PR may not need unit tests

Pre-checks (if applicable)

• Ran unit tests locally
• Validated the changes in a cluster
• Included documentation changes with PR
• Backward compatible

/label tide/merge-method-squash

Summary by CodeRabbit

• Chores
  • Updated development tooling versions for improved code quality and security checks
  • Refined internal test infrastructure with updated security scanning annotations

[coderabbitai]

Walkthrough

This PR updates the golangci-lint linter version from v2.5.0 to v2.12.2 and changes the installer source, then updates security linter suppression annotations across the codebase to align with the newer linter release.

Changes

Security Linter Updates

Layer / File(s)	Summary
Golangci-lint version and installer Makefile	GOLANGCI_LINT_VERSION is bumped from v2.5.0 to v2.12.2, and the getlint install source switches from GitHub raw content to the official golangci-lint.run/install.sh endpoint.
Security suppression annotations pkg/awsutil/sts.go, pkg/elevate/elevate_test.go, pkg/utils/jwt_test.go	Linter suppression comments are updated across three files: G117 suppression added for credential marshaling in sts.go, G204 extended to G204,G702 in elevate_test.go test helpers, and JWT test tokens updated with explicit G101 suppression labels replacing generic comments in jwt_test.go.

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: update linter and fix lints' directly matches the pull request's main objectives: updating golangci-lint version and fixing lint issues discovered by the new linter.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Line 72: Replace the unsafe "curl ... | sh" installer invocation in the
Makefile with a verified installation flow: stop piping remote install.sh to sh
and instead either (preferred) remove this ad-hoc install and use the pinned
GitHub Action golangci-lint-action in CI, or (if keeping local Makefile install)
download the specific release tarball for $(GOLANGCI_LINT_VERSION), verify its
checksum/signature against a trusted source, then extract and install to
$(GOPATH)/bin; update the Makefile target that currently runs "curl -sSfL
https://golangci-lint.run/install.sh | sh -s -- -b $(GOPATH)/bin
$(GOLANGCI_LINT_VERSION)" accordingly and ensure the new flow references the
same GOLANGCI_LINT_VERSION variable.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: dfd232f5-26d4-44a0-8040-00d16da0b7c7

📥 Commits

Reviewing files that changed from the base of the PR and between 512767c and af17bf0.

📒 Files selected for processing (4)

• Makefile
• pkg/awsutil/sts.go
• pkg/elevate/elevate_test.go
• pkg/utils/jwt_test.go

[feichashao]

/retest

[openshift-ci]

@feichashao: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[MitaliBhalla]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: feichashao, MitaliBhalla

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [MitaliBhalla,feichashao]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 54.02%. Comparing base (512767c) to head (af17bf0).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #949   +/-   ##
=======================================
  Coverage   54.02%   54.02%           
=======================================
  Files          82       82           
  Lines        6323     6323           
=======================================
  Hits         3416     3416           
  Misses       2462     2462           
  Partials      445      445           

Files with missing lines	Coverage Δ
pkg/awsutil/sts.go	62.77% <100.00%> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.