Mintmaker: Add a Secret containing service account token

[adelaon]

for the purpose of Kite request authentication

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: adelaon

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• components/mintmaker/OWNERS [adelaon]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[github-actions]

🤖 Gemini AI Assistant Available

Hi @adelaon! I'm here to help with your pull request. You can interact with me using the following commands:

Available Commands

• @gemini-cli /review - Request a comprehensive code review

  • Example: @gemini-cli /review Please focus on security and performance

• @gemini-cli <your question> - Ask me anything about the codebase

  • Example: @gemini-cli How can I improve this function?
  • Example: @gemini-cli What are the best practices for error handling here?

How to Use

1. Simply type one of the commands above in a comment on this PR
2. I'll analyze your code and provide detailed feedback
3. You can track my progress in the workflow logs

Permissions

Only OWNER, MEMBER, or COLLABORATOR users can trigger my responses. This ensures secure and appropriate usage.

---

This message was automatically added to help you get started with the Gemini AI assistant. Feel free to delete this comment if you don't need assistance.

[github-actions]

🤖 Hi @adelaon, I've received your request, and I'm working on it now! You can track my progress in the logs for more details.

[konflux-ci-qe-bot]

🤖 Pipeline Failure Analysis

Category: Infrastructure

The pipeline failed due to infrastructure issues causing DNS resolution errors, which prevented the cluster nodes from connecting to the OpenShift API server and ultimately led to a timeout during end-to-end test execution.

📋 Technical Details

Immediate Cause

The immediate cause of the failure was a series of infrastructure-level DNS resolution errors. Steps like gather-audit-logs, gather-extra, gather-must-gather, and redhat-appstudio-gather all failed because the worker nodes could not resolve the hostname api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com. This prevented these tools from establishing a connection to the OpenShift API server to collect diagnostic information.

Contributing Factors

The DNS resolution failures in the gather steps directly impacted the subsequent redhat-appstudio-e2e test execution. Although the test step itself reported a timeout (Entrypoint received interrupt: terminated), this is highly likely a secondary effect of the underlying network connectivity issues. The tests could not properly initialize or run because the necessary cluster components were unreachable due to the DNS problem.

Impact

The DNS resolution failures prevented the collection of crucial diagnostic data by the various gather steps. This lack of information makes it more challenging to pinpoint the exact cause of future issues. Furthermore, the inability to connect to the cluster API directly blocked the execution of the end-to-end tests, rendering the entire pipeline unable to validate the infrastructure and application deployments.

🔍 Evidence

appstudio-e2e-tests/gather-audit-logs

Category: infrastructure
Root Cause: The failure is due to a DNS resolution error, where the cluster nodes cannot resolve the hostname of the OpenShift API server. This prevents the must-gather tool from connecting to the cluster to collect audit logs.

Logs:

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 4

[must-gather      ] OUT 2026-01-30T13:30:26.232137955Z Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/apis/image.openshift.io/v1/namespaces/openshift/imagestreams/must-gather": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 24

error getting cluster version: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/apis/config.openshift.io/v1/clusterversions/version": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 31

error getting cluster operators: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/apis/config.openshift.io/v1/clusteroperators": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 40

Error running must-gather collection:
    creating temp namespace: Post "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api/v1/namespaces": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 65

error running backup collection: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=32s": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 82

error getting cluster version: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/apis/config.openshift.io/v1/clusterversions/version": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 89

error getting cluster operators: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/apis/config.openshift.io/v1/clusteroperators": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-audit-logs/log.txt line 97

error: creating temp namespace: Post "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api/v1/namespaces": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

appstudio-e2e-tests/gather-extra

Category: infrastructure
Root Cause: The failure is due to a DNS resolution error, where the worker nodes are unable to resolve the hostname of the Kubernetes API server. This prevents the gather-extra step from connecting to the cluster.

Logs:

appstudio-e2e-tests/gather-extra

E0130 13:30:19.993830      30 memcache.go:265] couldn't get current server API group list: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=5s": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host
E0130 13:30:20.004870      30 memcache.go:265] couldn't get current server API group list: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=5s": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host
Unable to connect to the server: dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

appstudio-e2e-tests/gather-must-gather

Category: infrastructure
Root Cause: The failure was caused by network issues, specifically timeouts and DNS resolution failures, preventing the must-gather tool from connecting to the Kubernetes API server.

Logs:

artifacts/appstudio-e2e-tests/gather-must-gather/build-log.txt line 23

Error running must-gather collection:
    creating temp namespace: Post "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api/v1/namespaces": dial tcp [REDACTED: Public IP (ipv4)]: i/o timeout

artifacts/appstudio-e2e-tests/gather-must-gather/build-log.txt line 31

E0130 13:29:36.706648      42 memcache.go:265] couldn't get current server API group list: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=32s": dial tcp [REDACTED: Public IP (ipv4)]: i/o timeout

artifacts/appstudio-e2e-tests/gather-must-gather/build-log.txt line 33

E0130 13:29:36.718492      42 memcache.go:265] couldn't get current server API group list: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=32s": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

artifacts/appstudio-e2e-tests/gather-must-gather/build-log.txt line 46

error running backup collection: Get "https://api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com:6443/api?timeout=32s": dial tcp: lookup api.konflux-4-17-us-west-2-p6tzv.konflux-qe.devcluster.openshift.com on 172.30.0.10:53: no such host

appstudio-e2e-tests/redhat-appstudio-e2e

Category: timeout
Root Cause: The make ci/test/e2e command received a termination signal, likely due to a timeout, causing the process to be killed after a grace period. This interrupted the execution of the end-to-end tests.

Logs:

artifacts/appstudio-e2e-tests/redhat-appstudio-e2e/build-log.txt line 438

{"component":"entrypoint","file":"sigs.k8s.io/prow/pkg/entrypoint/run.go:173","func":"sigs.k8s.io/prow/pkg/entrypoint.Options.ExecuteProcess","level":"error","msg":"Entrypoint received interrupt: terminated","severity":"error","time":"2026-01-30T13:24:48Z"}

artifacts/appstudio-e2e-tests/redhat-appstudio-e2e/build-log.txt line 441

make: *** [Makefile:25: ci/test/e2e] Terminated

artifacts/appstudio-e2e-tests/redhat-appstudio-e2e/build-log.txt line 444

{"component":"entrypoint","file":"sigs.k8s.io/prow/pkg/entrypoint/run.go:267","func":"sigs.k8s.io/prow/pkg/entrypoint.gracefullyTerminate","level":"error","msg":"Process did not exit before 15s grace period","severity":"error","time":"2026-01-30T13:25:03Z"}

artifacts/appstudio-e2e-tests/redhat-appstudio-e2e/build-log.txt line 447

{"component":"entrypoint","error":"os: process already finished","file":"sigs.k8s.io/prow/pkg/entrypoint/run.go:269","func":"sigs.k8s.io/prow/pkg/entrypoint.gracefullyTerminate","level":"error","msg":"Could not kill process after grace period","severity":"error","time":"2026-01-30T13:25:03Z"}

appstudio-e2e-tests/redhat-appstudio-gather

Category: infrastructure
Root Cause: The oc client is unable to resolve the hostname of the Kubernetes API server due to a DNS lookup failure. This prevents the tool from connecting to the cluster and performing necessary data collection.

---

Analysis powered by prow-failure-analysis | Build: 2017223477064372224

[qixiang]

/lgtm

[qixiang]

/retest