Update google.golang.org/genproto digest to 3700d41

[red-hat-konflux-kflux-prd-rh02]

This PR contains the following updates:

Package	Type	Update	Change
google.golang.org/genproto	indirect	digest	4cfbd41 → 3700d41

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[red-hat-konflux-kflux-prd-rh02]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 10 additional dependencies were updated

Details:

Package	Change
cloud.google.com/go/auth	v0.18.1 -> v0.18.2
cloud.google.com/go/iam	v1.5.3 -> v1.11.0
cloud.google.com/go/pubsub/v2	v2.4.0 -> v2.5.1
github.com/googleapis/enterprise-certificate-proxy	v0.3.12 -> v0.3.14
github.com/googleapis/gax-go/v2	v2.17.0 -> v2.21.0
golang.org/x/oauth2	v0.35.0 -> v0.36.0
golang.org/x/time	v0.14.0 -> v0.15.0
google.golang.org/api	v0.266.0 -> v0.274.0
google.golang.org/genproto/googleapis/api	v0.0.0-20260401024825-9d38bb4040a9 -> v0.0.0-20260504160031-60b97b32f348
google.golang.org/genproto/googleapis/rpc	v0.0.0-20260401024825-9d38bb4040a9 -> v0.0.0-20260504160031-60b97b32f348

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ma-hill for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift-hyperfleet member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request updates multiple indirect dependency versions in go.mod. Google Cloud libraries are bumped, including cloud.google.com/go/auth, cloud.google.com/go/iam, and cloud.google.com/go/pubsub/v2. Google APIs-related libraries are also updated, including github.com/googleapis/enterprise-certificate-proxy and github.com/googleapis/gax-go/v2. Transitive dependencies such as golang.org/x/oauth2, golang.org/x/time, google.golang.org/api, and google.golang.org/genproto packages are bumped to newer versions. No direct dependencies, module directives, or go version are modified.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	The PR description is related to the changeset—it documents a dependency update to google.golang.org/genproto from digest 4cfbd41 to 3700d41.
Title check	✅ Passed	The title accurately reflects the main change: updating the google.golang.org/genproto digest to a specific commit hash (3700d41).

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/main/google.golang.org-genproto-digest

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@go.mod`:
- Around line 42-46: The PR unintentionally updates many indirect modules (e.g.,
cloud.google.com/go/auth, cloud.google.com/go/auth/oauth2adapt,
cloud.google.com/go/compute/metadata, cloud.google.com/go/iam,
cloud.google.com/go/pubsub/v2, google.golang.org/genproto etc.); narrow the
change to only the targeted genproto digest by reverting unrelated indirect
version bumps in go.mod, run go mod tidy to regenerate go.sum, and ensure tests
pass; if you need to update those other modules, move them into a separate PR
with its own changelog and test run to limit scope and regression blast radius.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Enterprise

Run ID: 6887766c-2653-4169-82fb-5f020f024f00

📥 Commits

Reviewing files that changed from the base of the PR and between 2ff5ec0 and 9395494.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Scope drift: this PR updates far more than the stated genproto digest.

Lines 42–46, 93–94, and 161–169 show broad indirect upgrades (auth/iam/pubsub/gax/oauth2/api/time), not just google.golang.org/genproto. Please keep this PR to the targeted digest bump or split non-target upgrades into a separate PR to reduce regression/debug blast radius.

Suggested minimal-scope approach

- cloud.google.com/go/auth v0.18.2 // indirect
- cloud.google.com/go/iam v1.11.0 // indirect
- cloud.google.com/go/pubsub/v2 v2.5.1 // indirect
- github.com/googleapis/enterprise-certificate-proxy v0.3.14 // indirect
- github.com/googleapis/gax-go/v2 v2.21.0 // indirect
- golang.org/x/oauth2 v0.36.0 // indirect
- golang.org/x/time v0.15.0 // indirect
- google.golang.org/api v0.274.0 // indirect
+ ... keep existing versions unless required by genproto resolution ...
  google.golang.org/genproto v0.0.0-20260511170946-3700d4141b60 // indirect

As per coding guidelines "**: Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity. Validate changes against HyperFleet architecture standards from the linked architecture repository."

Also applies to: 93-94, 161-169

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` around lines 42 - 46, The PR unintentionally updates many indirect
modules (e.g., cloud.google.com/go/auth, cloud.google.com/go/auth/oauth2adapt,
cloud.google.com/go/compute/metadata, cloud.google.com/go/iam,
cloud.google.com/go/pubsub/v2, google.golang.org/genproto etc.); narrow the
change to only the targeted genproto digest by reverting unrelated indirect
version bumps in go.mod, run go mod tidy to regenerate go.sum, and ensure tests
pass; if you need to update those other modules, move them into a separate PR
with its own changelog and test run to limit scope and regression blast radius.

[ciaranRoche]

Closing: superseded by renovate.json config in #140 (HYPERFLEET-1095). MintMaker will re-create grouped updates on the next Monday cycle.

[red-hat-konflux-kflux-prd-rh02]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for the google.golang.org/genproto 3700d41 update again.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.