feat: add EnableAccountVerifier configuration flag

[mfrancisc]

generated from codeready-toolchain/api#505

Jira: https://redhat.atlassian.net/browse/SANDBOX-1837

Summary by CodeRabbit

• New Features
  • Added a configuration option to enable or disable the account-verifier behavior in the registration service. This controls whether account verification (e.g., handling disposable email domains) is actively enforced or only logged during user registration.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 139878fa-33fd-486d-95f4-9d2f331b780d

📥 Commits

Reviewing files that changed from the base of the PR and between ea75bce and 5e7dcaa.

📒 Files selected for processing (1)

• config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: govulncheck
• GitHub Check: test
• GitHub Check: Build & push operator bundles & dashboard image for e2e tests

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml

🔀 Multi-repo context codeready-toolchain/api, codeready-toolchain/toolchain-e2e, codeready-toolchain/toolchain-common

[::codeready-toolchain/api::]

• api/v1alpha1/toolchainconfig_types.go: RegistrationService and AccountVerifier fields exist:
  • RegistrationService RegistrationServiceConfig json:"registrationService,omitempty" (line shown in search) — CRD types already model registrationService.
  • AccountVerifierURL *string json:"accountVerifierURL,omitempty" — account-verifier URL is already part of the API.
  • Generated OpenAPI and docs reference registrationService/accountVerifier (api/v1alpha1/zz_generated.openapi.go and api/v1alpha1/docs/apiref.adoc) — OpenAPI/docs will need regeneration/update to reflect the new spec.host.registrationService.accountVerifierEnabled field. [::codeready-toolchain/api::]

[::codeready-toolchain/toolchain-e2e::]

• tests and helpers that reference the registration service:
  • testsupport/wait/host.go — NewHostAwaitility and RegistrationServiceNs usage; awaitility holds RegistrationServiceURL/NS used by tests. [::codeready-toolchain/toolchain-e2e::]
  • testsupport/init.go — reads registration service namespace/env, builds registrationServiceURL and metrics URL, waits for routes (lines shown in search). Tests derive endpoints from these values. [::codeready-toolchain/toolchain-e2e::]
  • test/e2e/parallel/registration_service_test.go — calls registration service endpoints (/api/v1/signup) and parses signup responses (e.g., waitForUserSignupReadyInRegistrationService, ParseSignupResponse). Behavior could be affected if account-verifier enforcement changes signup responses. [::codeready-toolchain/toolchain-e2e::]
  • test/e2e/parallel/toolchainconfig_test.go — loads registration-service object and waits for deployment readiness; deploy config files under deploy/host-operator/*/toolchainconfig.yaml include registrationService blocks (these YAMLs may need the new enableAccountVerifier flag if tests or CI expect particular behavior). [::codeready-toolchain/toolchain-e2e::]

[::codeready-toolchain/toolchain-common::]

• No matches for registrationService or accountVerifier in repository search — no direct references found; likely unaffected. [::codeready-toolchain/toolchain-common::]

Summary / impact:

• API repo already contains relevant types/docs; ensure generated OpenAPI/docs are updated to include spec.host.registrationService.accountVerifierEnabled. [::codeready-toolchain/api::]
• toolchain-e2e contains tests and deployment/test configs that interact with the registration service and may need updates (test expectations or toolchainconfig YAMLs) depending on what enabling account-verifier changes (enforcement vs. passive). [::codeready-toolchain/toolchain-e2e::]
• toolchain-common shows no direct impact. [::codeready-toolchain/toolchain-common::]

🔇 Additional comments (1)

config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml (1)

162-165: LGTM!

---

Walkthrough

Adds a boolean CRD field spec.host.registrationService.accountVerifierEnabled to ToolchainConfig that documents whether the registration service enforces account-verifier responses or only logs them.

Changes

Registration Service Account Verifier Configuration

Layer / File(s)	Summary
CRD schema account verifier field config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml	Adds accountVerifierEnabled: boolean under spec.host.registrationService with an OpenAPI description stating it controls whether the registration service acts on account-verifier responses.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• codeready-toolchain/host-operator#1260: Modifies the same ToolchainConfig CRD area for account-verifier-related configuration.

Suggested reviewers

• alexeykazakov
• fbm3307
• metlos

Suggested labels

feature

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: add EnableAccountVerifier configuration flag' clearly and concisely describes the main change—adding a new boolean configuration flag for account verifier functionality in the ToolchainConfig CRD schema.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alexeykazakov, metlos, mfrancisc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [alexeykazakov,metlos,mfrancisc]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud