build(deps): bump github.com/openshift-online/ocm-cli from 1.0.10 to 1.0.13

[dependabot]

Bumps github.com/openshift-online/ocm-cli from 1.0.10 to 1.0.13.

Release notes

Sourced from github.com/openshift-online/ocm-cli's releases.

Release 1.0.13

• [OCM-21285](https://redhat.atlassian.net/browse/OCM-21285) | feat: day-1 support for default ingress excluded namespace selectors
• [OCM-22568](https://redhat.atlassian.net/browse/OCM-22568) | fix: show channel field in cluster describe output (#1041)
• [OCM-21286](https://redhat.atlassian.net/browse/OCM-21286) | feat: day-2 support for ingress excluded namespace selectors
• [OCM-22804](https://redhat.atlassian.net/browse/OCM-22804) | feat: add describe, create, and edit kubeletconfig commands (#1042)
• [OCM-22964](https://redhat.atlassian.net/browse/OCM-22964) | fix: support clearing excluded namespace selectors
• Update OWNERS (#1056)
• chore: bump pipeline refs (#1058)
• Red Hat Konflux update ocm-cli (#1059)
• konflux: hermetic builds (#1061)
• [OCM-23143](https://redhat.atlassian.net/browse/OCM-23143) | fix: describe clusters with missing dns_domain records (#1060)
• [OCM-21289](https://redhat.atlassian.net/browse/OCM-21289) | feat: display excluded namespace selectors in ingress describe
• [OCM-22967](https://redhat.atlassian.net/browse/OCM-22967) | chore: bump ocm-sdk-go

Release 1.0.12

• updated name label to conform with the release pipeline (#1008)
• updated name label to conform with the release pipeline (#1018)
• added cpe label to comply with release pipeline requirements (#1019)
• [OCM-21265](https://redhat.atlassian.net/browse/OCM-21265) | feat: cli gcp dns zone commands (#1021)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | feat: cli cluster creation with predefined dns zones (#1022)
• [OCM-22579](https://redhat.atlassian.net/browse/OCM-22579) | fix: ocm gcp delete dns-zone fails when project is none (#1028)
• [OCM-22578](https://redhat.atlassian.net/browse/OCM-22578) | fix: ocm gcp list dns-zone output width columns (#1029)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | fix: only list gcp dns zones defined by the user (#1031)
• [OCM-22604](https://redhat.atlassian.net/browse/OCM-22604) | fix: cli dns zone deletion protection when clusters are still linked (#1032)
• [OCM-22016](https://redhat.atlassian.net/browse/OCM-22016) | fix: go version 1.24.13 (#1033)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | fix: changed dns zone flag name and limited support for gcp (#1030)
• [OCM-21267](https://redhat.atlassian.net/browse/OCM-21267) | fix: update konflux references (#1034)
• chore | bump konflux references (#1039)

Release 1.0.11

• Update CHANGES.md (#944)
• chore | updating konflux pipeline refs (#947)
• add validation retry for gcp service account file prompts (#948)
• add authentication type on cluster describe (#949)
• fix(deps): update module github.com/openshift-online/ocm-common to v0.0.34 (#938)
• fix(deps): update module github.com/openshift-online/ocm-sdk-go to v0.1.486 (#945)
• bump konflux references (#952)
• Bump golang.org/x/crypto from 0.31.0 to 0.45.0 (#936)
• fix(deps): update module github.com/openshift/rosa to v1.2.60 (#950)
• Update dependencies.
• chore(deps): update github.com/planetscale/vtprotobuf digest to ba97887
• chore(deps): update aws-sdk-go-v2 monorepo
• chore(deps): update module github.com/godbus/dbus/v5 to v5.2.2
• chore(deps): update module github.com/sirupsen/logrus to v1.9.4
• fix(deps): update module github.com/googleapis/gax-go/v2 to v2.16.0
• chore(deps): update module github.com/prometheus/common to v0.67.5
• chore(deps): update module golang.org/x/tools to v0.41.0

... (truncated)

Changelog

Sourced from github.com/openshift-online/ocm-cli's changelog.

1.0.13 Apr 2 2026

• [OCM-21285](https://redhat.atlassian.net/browse/OCM-21285) | feat: day-1 support for default ingress excluded namespace selectors
• [OCM-22568](https://redhat.atlassian.net/browse/OCM-22568) | fix: show channel field in cluster describe output (#1041)
• [OCM-21286](https://redhat.atlassian.net/browse/OCM-21286) | feat: day-2 support for ingress excluded namespace selectors
• [OCM-22804](https://redhat.atlassian.net/browse/OCM-22804) | feat: add describe, create, and edit kubeletconfig commands (#1042)
• [OCM-22964](https://redhat.atlassian.net/browse/OCM-22964) | fix: support clearing excluded namespace selectors
• Update OWNERS (#1056)
• chore: bump pipeline refs (#1058)
• Red Hat Konflux update ocm-cli (#1059)
• konflux: hermetic builds (#1061)
• [OCM-23143](https://redhat.atlassian.net/browse/OCM-23143) | fix: describe clusters with missing dns_domain records (#1060)
• [OCM-21289](https://redhat.atlassian.net/browse/OCM-21289) | feat: display excluded namespace selectors in ingress describe
• [OCM-22967](https://redhat.atlassian.net/browse/OCM-22967) | chore: bump ocm-sdk-go

1.0.12 Mar 9 2026

• updated name label to conform with the release pipeline (#1008)
• updated name label to conform with the release pipeline (#1018)
• added cpe label to comply with release pipeline requirements (#1019)
• [OCM-21265](https://redhat.atlassian.net/browse/OCM-21265) | feat: cli gcp dns zone commands (#1021)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | feat: cli cluster creation with predefined dns zones (#1022)
• [OCM-22579](https://redhat.atlassian.net/browse/OCM-22579) | fix: ocm gcp delete dns-zone fails when project is none (#1028)
• [OCM-22578](https://redhat.atlassian.net/browse/OCM-22578) | fix: ocm gcp list dns-zone output width columns (#1029)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | fix: only list gcp dns zones defined by the user (#1031)
• [OCM-22604](https://redhat.atlassian.net/browse/OCM-22604) | fix: cli dns zone deletion protection when clusters are still linked (#1032)
• [OCM-22016](https://redhat.atlassian.net/browse/OCM-22016) | fix: go version 1.24.13 (#1033)
• [OCM-21266](https://redhat.atlassian.net/browse/OCM-21266) | fix: changed dns zone flag name and limited support for gcp (#1030)
• [OCM-21267](https://redhat.atlassian.net/browse/OCM-21267) | fix: update konflux references (#1034)
• chore | bump konflux references (#1039)

1.0.11 Feb 10 2026

• Update CHANGES.md (#944)
• chore | updating konflux pipeline refs (#947)
• add validation retry for gcp service account file prompts (#948)
• add authentication type on cluster describe (#949)
• fix(deps): update module github.com/openshift-online/ocm-common to v0.0.34 (#938)
• fix(deps): update module github.com/openshift-online/ocm-sdk-go to v0.1.486 (#945)
• bump konflux references (#952)
• Bump golang.org/x/crypto from 0.31.0 to 0.45.0 (#936)
• fix(deps): update module github.com/openshift/rosa to v1.2.60 (#950)
• Update dependencies.
• chore(deps): update github.com/planetscale/vtprotobuf digest to ba97887
• chore(deps): update aws-sdk-go-v2 monorepo
• chore(deps): update module github.com/godbus/dbus/v5 to v5.2.2
• chore(deps): update module github.com/sirupsen/logrus to v1.9.4
• fix(deps): update module github.com/googleapis/gax-go/v2 to v2.16.0
• chore(deps): update module github.com/prometheus/common to v0.67.5
• chore(deps): update module golang.org/x/tools to v0.41.0

... (truncated)

Commits

• e621c19 Merge pull request #1072 from miguelhbrito/release_1.0.13
• 8378277 Release v1.0.13
• 240cfda Merge pull request #1066 from rcampos2029/OCM-22967
• 99247a8 [OCM-22967](https://redhat.atlassian.net/browse/OCM-22967) | chore: bump ocm-sdk-go
• fcdd49b Merge pull request #1062 from rcampos2029/OCM-21289
• 24cb99c [OCM-21289](https://redhat.atlassian.net/browse/OCM-21289) | feat: display excluded namespace selectors in ingress describe
• e8f8ba0 [OCM-23143](https://redhat.atlassian.net/browse/OCM-23143) | fix: describe clusters with missing dns_domain records (#1060)
• ab08e47 konflux: hermetic builds (#1061)
• 5a969a5 Red Hat Konflux update ocm-cli (#1059)
• 724f243 chore: bump pipeline refs (#1058)
• Additional commits viewable in compare view

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

⛔ Ignored keywords (3)

• WIP
• deps
• Do Not Merge

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: f237ce0a-48b4-430b-bc2e-d7c96eca94a5

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

Walkthrough

Updated dependency versions in go.mod: bumped several direct modules (including github.com/openshift-online/ocm-cli, github.com/spf13/cobra, k8s.io/apimachinery) and adjusted numerous indirect/transitive dependencies (adds, upgrades, and removals) without code or API changes.

Changes

Cohort / File(s)

Summary

Dependency Updates go.mod

Bumped direct dependencies: github.com/openshift-online/ocm-cli v1.0.10→v1.0.13, github.com/spf13/cobra v1.10.1→v1.10.2, k8s.io/apimachinery v0.30.3→v0.34.3 (also referenced ocm-sdk-go bump). Updated many transitive modules: added al.essio.dev/pkg/shellescape v1.6.0, github.com/fxamacker/cbor/v2 v2.9.0, sigs.k8s.io/randfill v1.0.0, sigs.k8s.io/structured-merge-diff/v6 v6.3.0; upgraded others (e.g., ocm-common, go.yaml.in/yaml, golang.org/x/time, google.golang.org/protobuf); removed indirect github.com/alessio/shellescape, github.com/google/gofuzz. No source/API changes.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/github.com/openshift-online/ocm-cli-1.0.13

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign diakovnec for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Line 35: The go.mod currently pins k8s.io/apimachinery at v0.34.3 while
k8s.io/api, k8s.io/cli-runtime, and k8s.io/client-go are at v0.30.3, causing
minor-version skew; update k8s.io/apimachinery to the same minor release as the
others (e.g., v0.30.3) so all four Kubernetes direct dependencies
(k8s.io/apimachinery, k8s.io/api, k8s.io/cli-runtime, k8s.io/client-go) are
aligned to the same minor version to avoid type incompatibilities, then run go
mod tidy and run tests/build to verify no import/type errors.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 378dc849-c54e-46ee-8393-44678f783055

📥 Commits

Reviewing files that changed from the base of the PR and between 59c1c29 and fb2b9ed.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Direct k8s dependency versions from go.mod =="
rg -n '^\s*k8s\.io/(api|apimachinery|cli-runtime|client-go)\s+v' go.mod

echo
echo "== Repository imports of k8s.io modules (context) =="
rg -n --type go -C2 '"k8s\.io/(api|apimachinery|cli-runtime|client-go)(/|")'

echo
echo "== Note =="
echo "If mixed minors are not explicitly required, align these four direct modules to one minor (typically the same release train)."

Repository: openshift/backplane-cli

Length of output: 14513

---

Align Kubernetes direct dependency minors to avoid version-skew incompatibilities.

k8s.io/apimachinery v0.34.3 (Line 35) is four minor versions ahead of its Kubernetes peers: k8s.io/api, k8s.io/cli-runtime, and k8s.io/client-go are all pinned to v0.30.3 (Lines 34, 36–37). The codebase actively imports types from all four modules across 30+ files—including metav1 and k8serrors from the newer apimachinery alongside core API types from the older release. This mismatch introduces risk of type incompatibilities at runtime.

Align these four direct modules to the same minor version (typically the same Kubernetes release train).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 35, The go.mod currently pins k8s.io/apimachinery at v0.34.3
while k8s.io/api, k8s.io/cli-runtime, and k8s.io/client-go are at v0.30.3,
causing minor-version skew; update k8s.io/apimachinery to the same minor release
as the others (e.g., v0.30.3) so all four Kubernetes direct dependencies
(k8s.io/apimachinery, k8s.io/api, k8s.io/cli-runtime, k8s.io/client-go) are
aligned to the same minor version to avoid type incompatibilities, then run go
mod tidy and run tests/build to verify no import/type errors.

[MitaliBhalla]

@coderabbitai what coding guidelines are you using for this repo?

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@MitaliBhalla Thanks for asking — I’m pulling the repo’s own style/lint configuration and the current CodeRabbit review configuration to give you a precise answer. I’ll summarize what we use here (linters, formatters, CI checks, and CodeRabbit rules) right after I gather the details.

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Find guideline/config files =="
fd -HI --max-results 200 '.golangci.*|\.editorconfig|CONTRIBUTING.*|CODE_OF_CONDUCT.*|.pre-commit-config.yaml|Makefile|OWNERS|CODEOWNERS|PULL_REQUEST_TEMPLATE.*|README.*|LICENSE' -E '' -tf -a | sed 's/^/FILE: /'

echo
echo "== Look for CodeRabbit config files =="
fd -HI --max-results 50 '.coderabbit.yml|.coderabbit.yaml|coderabbit.yml|coderabbit.yaml' -tf -a | sed 's/^/CODERABBIT: /'

echo
echo "== Show golangci config if present =="
if fd -HI '.golangci.yml' -tf -a >/dev/null 2>&1; then
  echo "--- .golangci.yml ---"
  cat "$(fd -HI '.golangci.yml' -tf -a | head -n1)"
fi
if fd -HI '.golangci.yaml' -tf -a >/dev/null 2>&1; then
  echo "--- .golangci.yaml ---"
  cat "$(fd -HI '.golangci.yaml' -tf -a | head -n1)"
fi

echo
echo "== Check GitHub Actions for lint-related workflows =="
fd -HI '.github/workflows/*.yml' -tf -a | while read -r wf; do
  echo "--- $wf ---"
  rg -n -C2 -i 'golangci|lint|fmt|vet' "$wf" || true
done

echo
echo "== Check Makefile lint/format targets if Makefile exists =="
if fd -HI '^Makefile$' -tf -a >/dev/null 2>&1; then
  mf="$(fd -HI '^Makefile$' -tf -a | head -n1)"
  echo "--- $mf (lint-related targets) ---"
  rg -n -C1 -i 'lint|fmt|vet|staticcheck|gofmt|goimports' "$mf" || true
fi

echo
echo "== Top-level CONTRIBUTING or style docs =="
for f in CONTRIBUTING.md CONTRIBUTING.rst CONTRIBUTING.txt docs/CONTRIBUTING.md docs/development.md; do
  if [ -f "$f" ]; then
    echo "--- $f ---"
    sed -n '1,200p' "$f"
  fi
done

Length of output: 682

---

🛠 Debug Information Gathered

---

@MitaliBhalla: Here's a summary of the coding guidelines and review configuration in use for this repo:

---

📋 Repository Linting (.golangci.yml)

The repo ships its own golangci-lint configuration, which CodeRabbit picks up automatically:

Setting	Value
Enabled linters	errcheck, gosec, govet, ineffassign, staticcheck, unused
Download mode	readonly
Exclusion presets	comments, common-false-positives, legacy, std-error-handling
Excluded paths	third_party$, builtin$, examples$
Generated files	treated with lax exclusions

---

🐰 CodeRabbit Review Configuration

Review profile: chill — focuses on meaningful issues, avoids nitpicks.

Global review instruction (applies to all files):

Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Path filters: vendor/** and **/vendor/** are excluded from review.

Active static analysis tools (all enabled, relevant ones for this Go repo):

• golangci-lint (v2.11.4) — uses the repo's .golangci.yml
• actionlint — checks GitHub Actions workflows
• shellcheck — checks shell scripts
• markdownlint — checks Markdown files
• yamllint — checks YAML files
• gitleaks + trufflehog — secret scanning
• checkov + trivy — IaC security scanning
• osvScanner — dependency vulnerability scanning
• hadolint — Dockerfile linting

Other notable settings:

• Knowledge base opt-out: true (no cross-PR learning persistence)
• Web search: disabled
• Learnings scope: local (repo-only)
• No custom pre-merge checks configured
• No path-specific override instructions beyond the global one above

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/coverage	57d920c	link	true	/test coverage
ci/prow/test	57d920c	link	true	/test test
ci/prow/images	57d920c	link	true	/test images
ci/prow/build	57d920c	link	true	/test build
ci/prow/lint	57d920c	link	true	/test lint

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.