Automated rebase to K8s 1.36.1

[dfarrell07]

Generated by the new/WIP k8s-rebase Claude skill.

openshift-eng/ai-helpers@main...dfarrell07:ai-helpers:k8s-rebase-skill

Summary by CodeRabbit

• Dependencies

  • Upgraded to Go 1.26 and refreshed core dependencies for improved performance and compatibility.
  • Updated Kubernetes support to version 1.36.

• Tests

  • Improved test suite configuration with optimized async assertion timing.

• Chores

  • Modernized codebase to use current Go standard library practices.
  • Updated code quality linting tools to latest standards.

[openshift-ci]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[coderabbitai]

Walkthrough

This PR upgrades the project to Go 1.26, modernizes Kubernetes API scheme registration and webhook validation to newer controller-runtime patterns, removes deprecated io/ioutil usage, and includes minor controller logic optimizations and error message improvements.

Changes

Toolchain and Code Modernization

Layer / File(s)	Summary
Toolchain and Dependency Upgrades .ci-operator.yaml, Dockerfile, Dockerfile.daemon, Dockerfile.daemon.openshift, Dockerfile.openshift, Makefile, hack/lint.sh, go.mod	Go 1.25 → 1.26 across all Docker build stages; Kubernetes envtest version 1.32.x → 1.36; golangci-lint v1.54.2 → v1.64.8; go.mod direct and indirect dependencies updated to match Go 1.26 ecosystem.
API Scheme Registration Modernization api/v1alpha1/groupversion_info.go, api/v1alpha1/ingressnodefirewall_types.go, api/v1alpha1/ingressnodefirewallconfig_types.go, api/v1alpha1/ingressnodefirewallnodestate_types.go	Refactored from controller-runtime scheme.Builder to runtime.NewSchemeBuilder callback pattern; SchemeBuilder now uses runtime.Scheme callback that registers types explicitly via AddKnownTypes.
Webhook Validator Modernization pkg/webhook/webhook.go	Changed from untyped webhook.CustomValidator with runtime.Object to typed admission.Validator[*IngressNodeFirewall]; ValidateCreate, ValidateUpdate, and ValidateDelete now accept concrete *IngressNodeFirewall directly without runtime assertions.
Code Cleanup and Optimization pkg/ebpf/ingress_node_firewall_loader.go, pkg/render/render.go, pkg/utils/utils.go, controllers/ingressnodefirewall_controller.go	Replaced deprecated io/ioutil.ReadFile with os.ReadFile and ioutil.ReadDir with os.ReadDir; simplified bpfman detach logic by passing nil interface selector instead of building interfaces list; improved error message specificity in GetRange and BpfmanAttachNodeFirewall failure paths.
Test Infrastructure Configuration controllers/suite_test.go	Configured Ginkgo default async behavior with 5-second eventual timeout and 100-millisecond polling interval.

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 13 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 16.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Test Structure And Quality	⚠️ Warning	Tests lack meaningful assertion failure messages (Expect/Eventually without message params) and some Eventually calls omit explicit timeouts, relying on suite default instead of spec-required expli...	Add assertion messages to all Expect/Eventually calls; explicitly specify timeout parameters for all Eventually blocks that interact with cluster resources, particularly in cleanup sections.

✅ Passed checks (13 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Automated rebase to K8s 1.36.1' clearly summarizes the main change of the PR - upgrading Kubernetes dependencies to v1.36.1 and related tooling updates.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	All Ginkgo test names (It, Describe, When, Context) contain only static values: constants defined in suite_test.go and test-defined map keys. No dynamic information (timestamps, UUIDs, generated ID...
Microshift Test Compatibility	✅ Passed	No new Ginkgo e2e tests were added in this PR. Only test suite configuration was updated in controllers/suite_test.go (timeout settings). The check is not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	No new Ginkgo e2e tests were added in this PR; only test infrastructure configuration was updated (Gomega timeout settings). The check does not apply.
Topology-Aware Scheduling Compatibility	✅ Passed	PR does not add or modify deployment manifests or introduce scheduling constraints. Changes are limited to Go dependencies, code, and Docker/CI configs, with no new pod affinity, anti-affinity, top...
Ote Binary Stdout Contract	✅ Passed	No OTE stdout contract violations found. This project is a Kubernetes operator, not an OTE binary; test setup uses Ginkgo v1/Gomega with proper logger redirection via GinkgoWriter.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	No new Ginkgo e2e test cases (It/Describe/Context/When) were added in this PR. The only test file change was adding Ginkgo configuration to controllers/suite_test.go. The check is not applicable.
No-Weak-Crypto	✅ Passed	No weak cryptographic algorithms (MD5, SHA1, DES, RC4, ECB, Blowfish), custom crypto implementations, or insecure comparisons detected across 4,912 Go files in the codebase. The PR's changes involv...
Container-Privileges	✅ Passed	PR contains no new privileged container settings. Existing hostNetwork/hostPID in daemonset.yaml are pre-existing app requirements, not introduced by this Go version upgrade PR.
No-Sensitive-Data-In-Logs	✅ Passed	No logging statements expose sensitive data (passwords, tokens, API keys, PII, session IDs, hostnames, or customer data). All logs use structured logging with safe parameters like resource names an...

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dfarrell07
Once this PR has been reviewed and has the lgtm label, please assign danwinship for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

Dockerfile.openshift (1)

21-26: ⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

Container runs as root (violates security guidelines and inconsistent with base Dockerfile).

The runtime stage does not include a USER directive, so the container will run as root by default. As per coding guidelines, containers must run as non-root.

The base Dockerfile correctly includes USER nonroot:nonroot at line 29. This OpenShift variant should follow the same pattern.

🔒 Proposed fix to match the base Dockerfile

 FROM registry.ci.openshift.org/ocp/4.22:base-rhel9
 WORKDIR /
 COPY --from=builder /workspace/manager .
 COPY --from=builder /workspace/bindata/manifests /bindata/manifests
+
+USER 65532:65532
 
 ENTRYPOINT ["/manager"]

Note: Using UID/GID 65532 is the numeric equivalent of the nonroot user in distroless images.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile.openshift` around lines 21 - 26, The OpenShift runtime stage
currently leaves the container running as root (ENTRYPOINT ["/manager"])—add a
non-root user directive to match the base Dockerfile by inserting a USER
directive (use nonroot:nonroot or the numeric UID/GID 65532:65532) in the
runtime stage before the ENTRYPOINT so the container runs as non-root and aligns
with the base Dockerfile behavior.

Source: Coding guidelines

Dockerfile.daemon (1)

7-10: ⚠️ Potential issue | 🔴 Critical | 🏗️ Heavy lift

Daemon containers run as root across both build variants.

Both Dockerfile.daemon and Dockerfile.daemon.openshift lack a USER directive in their runtime stages, causing the daemon containers to run as root by default. As per coding guidelines, containers must run as non-root.

If the daemon requires elevated privileges for eBPF/firewall operations, consider using capabilities or privileged security contexts explicitly rather than implicit root execution. The security context should be declared in the DaemonSet manifest rather than baked into the container image.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile.daemon` around lines 7 - 10, The runtime stage in
Dockerfile.daemon leaves the container running as root; add a non-root user and
switch to it by creating a user/group (e.g., daemon user), chown the installed
binaries (/usr/bin/daemon and /usr/bin/syslog) to that user and add a USER
directive so the image no longer defaults to root; do not grant extra privileges
in the Dockerfile—leave any capabilities or privileged securityContext to the
DaemonSet manifest—ensure the binaries are executable by the non-root user
before switching.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@hack/lint.sh`:
- Around line 5-6: The comment above the VERSION variable is stale: update the
comment that currently says "pin golangci-lint version to 1.54.2" to reflect the
actual value of the VERSION variable (v1.64.8); change the comment text to match
VERSION and keep the reference consistent with the VERSION variable in
hack/lint.sh so future updates are obvious.

In `@Makefile`:
- Line 422: Update GOLANGCI_LINT_VERSION in the Makefile because v1.64.8 is not
built with Go 1.26 compatibility; set the GOLANGCI_LINT_VERSION variable to a
golangci-lint release that explicitly lists Go 1.26 support (pick the latest
release that declares Go 1.26 compatibility) and update the Makefile
accordingly; after changing GOLANGCI_LINT_VERSION, review the golangci-lint
changelog between v1.54.2 and v1.64.8 for any rule/config changes and adjust
your .golangci.yml (or linter config) or CI commands to accommodate
renamed/removed linters or new defaults.

---

Outside diff comments:
In `@Dockerfile.daemon`:
- Around line 7-10: The runtime stage in Dockerfile.daemon leaves the container
running as root; add a non-root user and switch to it by creating a user/group
(e.g., daemon user), chown the installed binaries (/usr/bin/daemon and
/usr/bin/syslog) to that user and add a USER directive so the image no longer
defaults to root; do not grant extra privileges in the Dockerfile—leave any
capabilities or privileged securityContext to the DaemonSet manifest—ensure the
binaries are executable by the non-root user before switching.

In `@Dockerfile.openshift`:
- Around line 21-26: The OpenShift runtime stage currently leaves the container
running as root (ENTRYPOINT ["/manager"])—add a non-root user directive to match
the base Dockerfile by inserting a USER directive (use nonroot:nonroot or the
numeric UID/GID 65532:65532) in the runtime stage before the ENTRYPOINT so the
container runs as non-root and aligns with the base Dockerfile behavior.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 91e35a94-15cc-4029-a949-167060f9a34d

📥 Commits

Reviewing files that changed from the base of the PR and between 1c7880a and 1107ec0.

⛔ Files ignored due to path filters (282)

• api/v1alpha1/zz_generated.deepcopy.go is excluded by !**/zz_generated*
• go.sum is excluded by !**/*.sum
• vendor/github.com/emicklei/go-restful/v3/.travis.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/CHANGES.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/curly.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/custom_verb.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/jsr311.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/emicklei/go-restful/v3/route.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/.cirrus.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/.editorconfig is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/.gitattributes is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/.gitignore is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/CONTRIBUTING.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_fen.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_inotify.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_kqueue.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_other.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/fsnotify.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/darwin.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_darwin.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_dragonfly.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_freebsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_kqueue.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_netbsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_openbsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_solaris.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/freebsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/internal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/unix.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/unix2.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/mkdoc.zsh is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/shared.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/staticcheck.conf is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/system_bsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/system_darwin.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/bytestring.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/cache.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/common.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/decode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/encode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/encode_map.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/encode_map_go117.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/omitzero_go124.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/omitzero_pre_go124.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/simplevalue.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/stream.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/structfields.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fxamacker/cbor/v2/tag.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-logr/logr/.golangci.yaml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/.codecov.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/.golangci.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/.mockery.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/BENCHMARK.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/SECURITY.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/cmdutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/cmdutils/cmd_utils.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/cmdutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/cmdutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/convert.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/convert_types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/format.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/sizeof.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv/type_constraints.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/conv_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/convert.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/convert_types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/file.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/fileutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/fileutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/fileutils/file.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/fileutils/path.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/fileutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/go.work is excluded by !**/*.work, !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/go.work.sum is excluded by !**/*.sum, !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/initialism_index.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/json.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonname/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonname/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonname/name_provider.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonname_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/ifaces.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/ifaces/registry_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/registry.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/adapter.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/lexer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/ordered_map.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/pool.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/register.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/adapters/stdlib/json/writer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/concat.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/json.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils/ordered_map.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/jsonutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/errors.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/json.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/loading.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/options.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading/yaml.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/loading_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/BENCHMARK.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/initialism_index.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/name_lexem.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/name_mangler.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/options.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/pools.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/split.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/string_bytes.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling/util.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/mangling_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/name_lexem.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/net.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/netutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/netutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/netutils/net.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/netutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/path.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/split.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/string_bytes.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/stringutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/stringutils/collection_formats.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/stringutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/stringutils/strings.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/stringutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/typeutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/typeutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/typeutils/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/typeutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/util.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yaml.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/errors.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/ordered_map.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils/yaml.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-openapi/swag/yamlutils_iface.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/AUTHORS is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/CONTRIBUTORS is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/Makefile is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/clone.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/custom_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/decode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/deprecated.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/discard.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/duration.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/duration_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/encode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/encode_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/equal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/extensions.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/extensions_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/lib.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/lib_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/message_set.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/pointer_reflect.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/pointer_reflect_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/pointer_unsafe.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/pointer_unsafe_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/properties.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/properties_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/skip_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/table_marshal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/table_marshal_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/table_merge.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/table_unmarshal.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/table_unmarshal_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/text.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/text_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/text_parser.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/timestamp.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/timestamp_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/wrappers.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/proto/wrappers_gogo.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gogo/protobuf/sortkeys/sortkeys.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/AUTHORS is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/CONTRIBUTORS is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/buffer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/defaults.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/deprecated.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/discard.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/extensions.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/properties.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/proto.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/registry.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/text_decode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/text_encode.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/wire.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/proto/wrappers.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/any.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/any/any.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/duration.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/duration/duration.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/timestamp.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/google/btree/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/btree/btree.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/btree/btree_generic.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/compiler/context.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/compiler/extensions.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/compiler/helpers.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/compiler/reader.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/extensions/extension.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/extensions/extensions.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/jsonschema/models.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/jsonschema/reader.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/jsonschema/writer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv2/OpenAPIv2.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv2/OpenAPIv2.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv2/document.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv3/OpenAPIv3.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv3/OpenAPIv3.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv3/annotations.pb.go is excluded by !**/*.pb.go, !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv3/annotations.proto is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gnostic-models/openapiv3/document.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gofuzz/.travis.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gofuzz/CONTRIBUTING.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gofuzz/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gofuzz/doc.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/google/gofuzz/fuzz.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/client.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/compression.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/conn.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/proxy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/server.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/tls_handshake.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/tls_handshake_116.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/util.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/gorilla/websocket/x_net_proxy.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/josharian/intern/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/josharian/intern/intern.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/josharian/intern/license.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/buffer/pool.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/jlexer/bytestostr.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/jlexer/bytestostr_nounsafe.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/jlexer/error.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/jlexer/lexer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mailru/easyjson/jwriter/writer.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/NOTICE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/connection.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/PATENTS is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/dictionary.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/options.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/read.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/moby/spdystream/spdy/write.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/modern-go/reflect2/safe_type.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mxk/go-flowrate/LICENSE is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mxk/go-flowrate/flowrate/flowrate.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mxk/go-flowrate/flowrate/io.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/mxk/go-flowrate/flowrate/util.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/format/format.go is excluded by !**/vendor/**, !vendor/**

📒 Files selected for processing (18)

• .ci-operator.yaml
• Dockerfile
• Dockerfile.daemon
• Dockerfile.daemon.openshift
• Dockerfile.openshift
• Makefile
• api/v1alpha1/groupversion_info.go
• api/v1alpha1/ingressnodefirewall_types.go
• api/v1alpha1/ingressnodefirewallconfig_types.go
• api/v1alpha1/ingressnodefirewallnodestate_types.go
• controllers/ingressnodefirewall_controller.go
• controllers/suite_test.go
• go.mod
• hack/lint.sh
• pkg/ebpf/ingress_node_firewall_loader.go
• pkg/render/render.go
• pkg/utils/utils.go
• pkg/webhook/webhook.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Update the stale comment.

The comment on line 5 still references version 1.54.2, but the actual version has been updated to 1.64.8.

📝 Proposed fix

-# pin golangci-lint version to 1.54.2
+# pin golangci-lint version to 1.64.8
 VERSION=v1.64.8

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# pin golangci-lint version to 1.54.2
	VERSION=v1.54.2
	VERSION=v1.64.8
	# pin golangci-lint version to 1.64.8
	VERSION=v1.64.8

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@hack/lint.sh` around lines 5 - 6, The comment above the VERSION variable is
stale: update the comment that currently says "pin golangci-lint version to
1.54.2" to reflect the actual value of the VERSION variable (v1.64.8); change
the comment text to match VERSION and keep the reference consistent with the
VERSION variable in hack/lint.sh so future updates are obvious.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

Is golangci-lint v1.64.8 compatible with Go 1.26 and what are the major changes since v1.54.2?

💡 Result:

Golangci-lint v1.64.8 is not compatible with Go 1.26 [1][2]. Compatibility for golangci-lint is strictly tied to the Go version used to build the binary [2]. Because v1.64.8 was released on March 17, 2025 [3][4], well before the support for Go 1.26 was introduced in later versions of the tool (which required explicit updates to build workflows and internal configurations) [5][6], it cannot properly analyze code targeting Go 1.26 [1]. If you attempt to use v1.64.8 with Go 1.26, you will likely encounter errors stating that the Go version used to build the linter is lower than the targeted Go version [1]. Regarding major changes since v1.54.2, the project has seen significant evolution, including: 1. Support for newer Go versions: Successive releases added support for subsequent Go versions (e.g., Go 1.22 through Go 1.26) [5][6]. 2. Linter updates and consolidation: Many individual linters have been updated, and in some cases, merged or consolidated to improve performance and consistency (e.g., merging staticcheck, stylecheck, and gosimple into a single linter) [7][8]. 3. Configuration enhancements: Changes have been introduced to improve configuration management, including detecting and handling configuration files from newer major versions of the tool [4][9]. 4. Deprecations: Several linters have been deprecated as better alternatives or built-in functionality were introduced [7][10]. For continued support with modern Go environments, you should upgrade to a version of golangci-lint that explicitly supports your targeted Go version [5][2].

Citations:

• 1: Bug Report: Golang upgrade breaks golangci-lint CircleCI-Public/cimg-go#374
• 2: go1.25 support golangci/golangci-lint#5873
• 3: https://github.com/golangci/golangci-lint/releases/tag/v1.64.8
• 4: https://golangci-lint.run/docs/product/changelog-v1/
• 5: go1.26 support golangci/golangci-lint#6271
• 6: golangci/golangci-lint@e9b7221
• 7: https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md
• 8: https://golangci-lint.run/docs/product/changelog/
• 9: https://github.com/golangci/golangci-lint/blob/v2.11.4/CHANGELOG-v1.md
• 10: https://raw.githubusercontent.com/golangci/golangci-lint/master/CHANGELOG.md

---

Fix golangci-lint Go 1.26 compatibility (Makefile GOLANGCI_LINT_VERSION)
golangci-lint v1.64.8 is not compatible with Go 1.26 because compatibility is tied to the Go version used to build the linter binary, and v1.64.8 predates Go 1.26 support. Update GOLANGCI_LINT_VERSION to a release that explicitly supports Go 1.26, and check the golangci-lint changelog between v1.54.2 → v1.64.8 for linter/rule/config changes that may require config adjustments.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` at line 422, Update GOLANGCI_LINT_VERSION in the Makefile because
v1.64.8 is not built with Go 1.26 compatibility; set the GOLANGCI_LINT_VERSION
variable to a golangci-lint release that explicitly lists Go 1.26 support (pick
the latest release that declares Go 1.26 compatibility) and update the Makefile
accordingly; after changing GOLANGCI_LINT_VERSION, review the golangci-lint
changelog between v1.54.2 and v1.64.8 for any rule/config changes and adjust
your .golangci.yml (or linter config) or CI commands to accommodate
renamed/removed linters or new defaults.

[openshift-ci]

@dfarrell07: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.