COO-1550: apply cluster TLS profile to health-analyzer

[tremes]

COO-1550

[openshift-ci-robot]

@tremes: This pull request references COO-1550 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the task to target the "5.0.0" version, but no target version was set.

Details

In response to this:

COO-1550

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Important

Review skipped

Auto reviews are limited based on label configuration.

🚫 Review skipped — only excluded labels are configured. (1)

• work-in-progress

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 4c2341e3-249b-4efe-94d3-4dcd183b0381

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The health analyzer Deployment constructor now takes a UIPluginInfo struct instead of a raw image string; callers were updated to pass the full pluginInfo. The deployment uses pluginInfo.HealthAnalyzerImage for the container image. Container start arguments always include TLS certificate and key file flags and conditionally add --tls-cipher-suites when pluginInfo.TLSCiphers is non-empty and --tls-min-version when pluginInfo.TLSMinVersion is set. The hard-coded arg list and the separate image parameter were removed.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly describes the main change: applying cluster TLS profile configuration to the health-analyzer component.
Description check	✅ Passed	The description references the Jira issue COO-1550 which is related to the pull request changes, meeting the minimal requirement for description relevance.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@pkg/controllers/uiplugin/health_analyzer.go`:
- Around line 121-123: The condition checking pluginInfo.TLSCiphers is wrong
(len(...) >= 0 is always true) so it appends an empty --tls-cipher-suites= flag;
update the guard to check for len(pluginInfo.TLSCiphers) > 0 before appending to
args so the fmt.Sprintf("--tls-cipher-suites=%s", strings.Join(...)) call only
runs when TLSCiphers is non-empty (referencing pluginInfo.TLSCiphers and the
args append in health_analyzer.go).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 030b99ce-a707-401c-83a8-841cd9858d9c

📥 Commits

Reviewing files that changed from the base of the PR and between bdce2e2 and 87c50dd.

📒 Files selected for processing (2)

• pkg/controllers/uiplugin/components.go
• pkg/controllers/uiplugin/health_analyzer.go

[jgbernalp]

/lgtm

[jgbernalp]

/approve

[tremes]

Thanks for approval @jgbernalp.

I think this also needs an update of health-analyzer image reference here (to pass the new added E2E test). I will build and tag some health-analyzer rc0 image.

[jgbernalp]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jgbernalp, tremes

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [jgbernalp]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment