METAL-1838: Bump setuptools version to align with latest ironic requirements

[elfosardo]

Summary by CodeRabbit

• Chores
  • Updated the Python setuptools build dependency to a newer minimum version to improve build reliability and stability of container image builds.

[openshift-ci-robot]

@elfosardo: This pull request references METAL-1838 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set.

Details

In response to this:

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: ed4c3d72-28de-4ed0-9147-2c357fcd176e

📥 Commits

Reviewing files that changed from the base of the PR and between c658cc7 and 9587dcb.

📒 Files selected for processing (1)

• Dockerfile.ocp

---

Walkthrough

The PR raises the wheel-builder stage's python3.12-setuptools minimum version in Dockerfile.ocp from >= 70.3.0 to >= 78.1.1.

Changes

Build Dependencies

Layer / File(s)	Summary
Setuptools version constraint update Dockerfile.ocp	The python3.12-setuptools minimum version is increased from >= 70.3.0 to >= 78.1.1 in the wheel-builder stage.

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 12

✅ Passed checks (12 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title clearly and specifically describes the main change: updating the setuptools version in the Dockerfile to align with ironic requirements, which matches the actual changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	This PR only updates a Dockerfile dependency version. The custom check targets Ginkgo test naming patterns, which are not present in this repository and not modified by this PR.
Test Structure And Quality	✅ Passed	The custom check requires reviewing Ginkgo test code, but this PR contains no Ginkgo tests. The repository is a Python/Bash containerization project with no Go code, so the check is not applicable.
Microshift Test Compatibility	✅ Passed	No Ginkgo e2e tests were added. Only Python unit tests and container configuration files. MicroShift compatibility check for Ginkgo tests is not applicable.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	No new Ginkgo e2e tests are added in this PR. The change only updates setuptools version in Dockerfile.ocp, which is not subject to SNO compatibility testing.
Topology-Aware Scheduling Compatibility	✅ Passed	PR updates Dockerfile.ocp setuptools version only; no deployment manifests, operator code, or controllers are modified, so topology-aware scheduling check is not applicable.
Ote Binary Stdout Contract	✅ Passed	This PR only updates a Dockerfile dependency version (setuptools) and contains no Go code, OTE binaries, or test suite configuration that could violate stdout contracts.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	No Ginkgo e2e tests are added in this PR. The change only updates a setuptools version constraint in Dockerfile.ocp. The check is not applicable to non-Go, non-e2e changes.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: elfosardo

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [elfosardo]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Dockerfile.ocp`:
- Line 23: Replace the setuptools constraint string 'python3.12-setuptools >=
78.1.0' with 'python3.12-setuptools >= 78.1.1' to pull the patched release
addressing the path traversal vulnerability, and remove or correct any PR
description text that claims this change aligns with OpenStack Ironic
requirements (the Ironic requirements file does not mandate 78.1.0) so the
justification stands on its own merits.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 5fd8a639-d005-493d-87b4-04a1d9763de0

📥 Commits

Reviewing files that changed from the base of the PR and between 323974b and c658cc7.

📒 Files selected for processing (1)

• Dockerfile.ocp

[elfosardo]

/hold

[elfosardo]

/retest

[elfosardo]

/test prevalidation-images

[elfosardo]

/test images

[openshift-ci]

@elfosardo: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-metal-ipi-ovn-ipv6	9587dcb	link	true	/test e2e-metal-ipi-ovn-ipv6
ci/prow/e2e-metal-ipi-virtualmedia	9587dcb	link	true	/test e2e-metal-ipi-virtualmedia
ci/prow/e2e-metal-ipi-bm	9587dcb	link	true	/test e2e-metal-ipi-bm
ci/prow/images	9587dcb	link	true	/test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.