Bump redhat-services-prod/openshift/boilerplate from image-v8.3.5 to image-v8.3.6 in /build

[dependabot]

Bumps redhat-services-prod/openshift/boilerplate from image-v8.3.5 to image-v8.3.6.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated Docker builder base image to a newer version.

[coderabbitai]

Walkthrough

The Docker builder base image tag in the build stage is updated from image-v8.3.5 to image-v8.3.6. No other build steps, runtime configuration, or code functionality are modified.

Changes

Cohort / File(s)	Summary
Build Configuration build/Dockerfile	Updated builder base image tag from image-v8.3.5 to image-v8.3.6.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 11 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is missing required sections from the template including 'What is being added?', testing checklist, and manual testing steps.	Add the missing template sections: explain what's being changed, complete the testing checklist, and provide steps to manually test the Docker image update.

✅ Passed checks (11 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: bumping a Docker base image from one version to another.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	All Ginkgo test names are stable and deterministic. No dynamic information detected in any test titles. All test names use static, descriptive strings following best practices.
Test Structure And Quality	✅ Passed	The PR only updates the Docker base image tag in build/Dockerfile. No Ginkgo test files were added or modified, so the test quality check is not applicable to this PR.
Microshift Test Compatibility	✅ Passed	PR only bumps Docker base image version in build/Dockerfile from image-v8.3.5 to image-v8.3.6. No new Ginkgo e2e tests are added, so the MicroShift compatibility check is not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR only updates a Docker builder image tag in build/Dockerfile. No new Ginkgo e2e tests are added, so the SNO test compatibility check is not applicable.
Topology-Aware Scheduling Compatibility	✅ Passed	PR only updates Docker builder base image tag. No deployment manifests, operator code, or controllers are modified. Custom check is not applicable.
Ote Binary Stdout Contract	✅ Passed	PR only updates Docker image tag in Dockerfile. Custom check for OTE Binary Stdout violations is inapplicable—no source code changes that could corrupt JSON output.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	PR only updates Docker base image tag in build/Dockerfile. No new Ginkgo e2e tests were added. Custom check applies only when tests are added, so it does not apply.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/docker/build/redhat-services-prod/openshift/boilerplate-image-v8.3.6

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign bergmannf for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@build/Dockerfile`:
- Line 1: The Dockerfile's FROM line references a non-existent base image tag
image-v8.3.6 which will cause image-not-found failures; update the FROM
instruction to use a confirmed existing tag (for example image-v8.3.4) or
replace it with the correct registry/tag your CI uses, and if image-v8.3.6 is
intentional, confirm and document its availability in the registry so the FROM
line in the Dockerfile reflects an actual, accessible tag.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 0decde72-832e-4937-a07f-0e3adac6d380

📥 Commits

Reviewing files that changed from the base of the PR and between 3b59c4f and 58dad6f.

📒 Files selected for processing (1)

• build/Dockerfile

[coderabbitai]

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Verify the current digest behind the tag on Quay (read-only)
TOKEN="$(curl -fsSL 'https://quay.io/v2/auth?service=quay.io&scope=repository:redhat-services-prod/openshift/boilerplate:pull' | jq -r '.token')"

curl -fsSI \
  -H "Authorization: Bearer ${TOKEN}" \
  -H 'Accept: application/vnd.docker.distribution.manifest.v2+json' \
  'https://quay.io/v2/redhat-services-prod/openshift/boilerplate/manifests/image-v8.3.6' \
  | tr -d '\r' | awk -F': ' '/Docker-Content-Digest/ {print $2}'

Repository: openshift/managed-node-metadata-operator

Length of output: 66

---

🌐 Web query:

quay.io redhat-services-prod openshift boilerplate image-v8.3.6 docker

💡 Result:

I couldn’t verify the exact image reference you provided: quay.io/redhat-services-prod/openshift/boilerplate:image-v8.3.6. What I could verify from authoritative sources is: - The upstream OpenShift boilerplate repository uses image tags named image-v{X}.{Y}.{Z} and documents that those tags correspond to build images produced from Konflux/CI [1]. - In the boilerplate repository, the latest release I found is image-v8.3.4 (published 2026-02-25) [2]. I did not find any public evidence (in the searched sources) that an image-v8.3.6 release exists as of today (2026-05-11). So, with high confidence based on the sources above: - Image-v8.3.6 is not confirmed publicly in the boilerplate release tags I found; the most recent confirmed boilerplate build image tag is image-v8.3.4 [2]. If you want, share the full intended docker image name format you’re using (including whether “openshift/boilerplate” is actually the repository path on Quay or whether there’s an additional component like openhshift-user-workloads, user-workloads, or a tenant namespace). Then I can re-check for the exact v8.3.6 tag under the correct Quay path.

Citations:

• 1: https://github.com/openshift/boilerplate/
• 2: https://github.com/openshift/boilerplate/releases/tag/image-v8.3.4

---

🏁 Script executed:

# Check if the image exists and what the previous tag was
cd build && cat -n Dockerfile | head -20

Repository: openshift/managed-node-metadata-operator

Length of output: 918

---

🏁 Script executed:

# Try alternative approach to verify the image is valid
# Check if we can find any references to this image in the codebase
rg "quay.io/redhat-services-prod/openshift/boilerplate" --type dockerfile --type yaml --type json

Repository: openshift/managed-node-metadata-operator

Length of output: 119

---

🏁 Script executed:

# Search for references to the image across the repo
rg "image-v8.3.6" --type yaml --type json --type text

Repository: openshift/managed-node-metadata-operator

Length of output: 113

---

🏁 Script executed:

# Check if there's any changelog, release notes, or documentation about v8.3.6
fd -e md -e txt | xargs grep -l "8.3.6" 2>/dev/null | head -10

Repository: openshift/managed-node-metadata-operator

Length of output: 66

---

Verify the base image tag image-v8.3.6 exists.

The tag image-v8.3.6 does not appear in the publicly available boilerplate releases—the latest confirmed release is image-v8.3.4 (published 2026-02-25). Builds with this tag will fail with an image-not-found error. Either use a confirmed existing tag or clarify if this version is scheduled for release and available in your registry.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@build/Dockerfile` at line 1, The Dockerfile's FROM line references a
non-existent base image tag image-v8.3.6 which will cause image-not-found
failures; update the FROM instruction to use a confirmed existing tag (for
example image-v8.3.4) or replace it with the correct registry/tag your CI uses,
and if image-v8.3.6 is intentional, confirm and document its availability in the
registry so the FROM line in the Dockerfile reflects an actual, accessible tag.

[openshift-ci]

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/validate	58dad6f	link	true	/test validate

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.60%. Comparing base (3b59c4f) to head (58dad6f).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #241   +/-   ##
=======================================
  Coverage   58.60%   58.60%           
=======================================
  Files           5        5           
  Lines         244      244           
=======================================
  Hits          143      143           
  Misses         87       87           
  Partials       14       14           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.