Bump scality/vault from 7.88.0 to 7.89.0 in /env/default

[dependabot]

Bumps scality/vault from 7.88.0 to 7.89.0.

[github-actions]

Dependency Bump Evaluation

Version change: scality/vault 7.88.0 -> 7.89.0 (minor)
Dependency type: Docker image (internal Scality component)
Files changed: env/default/values.yaml (image tag only)

Changes: Unable to inspect — vault repository is private, no release notes or commit history accessible.

Breaking changes: None detected. Minor version bump of an internal component.

Security concerns: None. Vault is an internal Scality IAM service; no third-party supply chain risk. The bump does not change any application code or dependency resolution.

Impact on codebase: Vault is used exclusively as test infrastructure in the e2e environment. No application code (pkg/, cmd/) references vault directly. The e2e test suite exercises vault through the S3/IAM stack, so CI results are the primary validation signal.

CI status: Build and e2e tests are still in progress at time of review. Ensure CI passes before merging.

Recommendation: SAFE TO MERGE (after CI passes)

— Claude Code

[claude]

The workbench SHA 21e956d is an untagged commit ahead of v0.14.0. Consider adding a comment so future readers know what version this corresponds to and can update to a proper tag once workbench cuts one.

Suggested change

	uses: scality/workbench@21e956d9024ed334c450093c49c99a0cd50e3dc4
	uses: scality/workbench@21e956d9024ed334c450093c49c99a0cd50e3dc4 # post-v0.14.0, required for vault 7.89.0 startup fix

— Claude Code

[claude]

LGTM — vault 7.88.0 → 7.89.0 bump and the companion workbench fix look correct.

• Workbench is pinned to an untagged SHA (21e956d, ahead of v0.14.0) — needed because vault 7.89.0 breaks yarn-based startup. Consider adding an inline comment and updating to a tag once workbench releases one.

Review by Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.71%. Comparing base (58d1613) to head (835414d).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #185   +/-   ##
=======================================
  Coverage   76.71%   76.71%           
=======================================
  Files          22       22           
  Lines        1954     1954           
=======================================
  Hits         1499     1499           
  Misses        364      364           
  Partials       91       91           

Flag	Coverage Δ
unit	76.71% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[dvasilas]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dvasilas]

@dependabot recreate

[github-actions]

Dependency Bump Evaluation

Version change: scality/vault 7.88.0 -> 7.89.0 (minor)
Bump type: Docker image tag (test infrastructure)
File changed: env/default/values.yaml (1 line)

Changes: Unable to inspect — vault repo is private and release notes are not accessible.

Breaking changes: None detected. Minor version bump of an internal Scality component.

Security concerns: Vault provides IAM/auth services, but this image is only used in the e2e test environment, not as a code dependency. No application code changes.

Impact on codebase: Vault is referenced in:

• env/default/values.yaml — image tag (this PR)
• test/e2e/suite_test.go — connects to vault IAM/STS endpoints at test time
• test/e2e/replication_test.go — references vault account seeding
• pkg/ensureserviceuser/ — interacts with vault via standard AWS IAM SDK

No Go module or import changes. The application communicates with vault through the AWS IAM/STS API, which is stable across minor versions.

CI status: Build, test, and e2e checks are in progress. No failures.

Recommendation: SAFE TO MERGE (after CI passes)

Notes: The e2e test suite is the primary validation that this vault version is compatible. Confirm all checks pass before merging.

— Claude Code