feat: add EnableAccountVerifier configuration flag

[mfrancisc]

generated from codeready-toolchain/api#505

Jira: https://redhat.atlassian.net/browse/SANDBOX-1837

Summary by CodeRabbit

• New Features
  • Added a new account verifier configuration option for the registration service. This setting controls whether account verification for disposable email domains is enforced or logged during user registration.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 6ea0bf7d-1160-4537-be8b-1c70a312a997

📥 Commits

Reviewing files that changed from the base of the PR and between 952bcce and ea75bce.

📒 Files selected for processing (1)

• config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml

📜 Recent review details

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml

🔀 Multi-repo context codeready-toolchain/api, codeready-toolchain/toolchain-e2e, codeready-toolchain/toolchain-common

codeready-toolchain/api

• ToolchainConfig / status types reference registration and account verifier fields:
  • api/v1alpha1/toolchainconfig_types.go:61 — RegistrationService RegistrationServiceConfig json:"registrationService,omitempty" [::codeready-toolchain/api::]
  • api/v1alpha1/toolchainconfig_types.go:225 — RegistrationServiceURL *string json:"registrationServiceURL,omitempty" [::codeready-toolchain/api::]
  • api/v1alpha1/toolchainconfig_types.go:263 — AccountVerifierURL *string json:"accountVerifierURL,omitempty" [::codeready-toolchain/api::]
• OpenAPI / docs include registrationService and accountVerifier schema entries (zz_generated.openapi.go, docs/apiref.adoc) that will reflect the new CRD field and should be kept in sync with the CRD change [::codeready-toolchain/api::]

codeready-toolchain/toolchain-e2e

• Tests and test helpers reference the registration service and configuration:
  • testsupport/wait/host.go:68,78 — NewHostAwaitility and RegistrationServiceNs field usage [::codeready-toolchain/toolchain-e2e::]
  • test/e2e/parallel/toolchainconfig_test.go:20,22,29 — accesses registration-service object and waits for deployment readiness [::codeready-toolchain/toolchain-e2e::]
  • test/e2e/parallel/registration_service_test.go:1131–1135 — calls registration service endpoints (/api/v1/signup) and parses signup responses (could be affected if account-verifier behavior changes) [::codeready-toolchain/toolchain-e2e::]
  • testsupport/init.go:67–105,196–233 — reads registration service namespace/env and constructs registrationServiceURL and metrics URL used by tests [::codeready-toolchain/toolchain-e2e::]
• Deployment/test config files include registrationService blocks:
  • deploy/host-operator/*/toolchainconfig.yaml (multiple paths) — may need to include the new enableAccountVerifier flag if tests assert behavior that depends on account-verifier enforcement [::codeready-toolchain/toolchain-e2e::]

codeready-toolchain/toolchain-common

• No matches for registrationService/accountVerifier in quick search (no direct references found) — likely unaffected by the CRD flag addition [::codeready-toolchain/toolchain-common::]

Summary / impact

• API repo already exposes registrationService/accountVerifier fields; adding spec.host.registrationService.enableAccountVerifier in the CRD means consumers (notably toolchain-e2e test configs and tests that call registration service endpoints) may need updates to config files or tests if behavior changes (enforcement vs. logging). OpenAPI/docs in api/ must reflect the new field (zz_generated.openapi.go and docs) — ensure they are regenerated/updated.

🔇 Additional comments (1)

config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml (1)

221-226: LGTM!

---

Walkthrough

The PR adds a new enableAccountVerifier boolean configuration field to the ToolchainConfig CRD schema under spec.host.registrationService. When enabled, the registration service enforces account-verifier responses for disposable email domain verification; when disabled or unset, the account-verifier is called but only logged.

Changes

Registration Service Account Verifier Configuration

Layer / File(s)	Summary
CRD schema account verifier field config/crd/bases/toolchain.dev.openshift.com_toolchainconfigs.yaml	The enableAccountVerifier boolean property is added to spec.host.registrationService with description documenting enforcement vs logging behavior for account-verifier responses.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

feature

Suggested reviewers

• fbm3307
• MatousJobanek
• alexeykazakov

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'feat: add EnableAccountVerifier configuration flag' accurately describes the main change—adding a new boolean configuration field to enable/disable account verifier functionality in the ToolchainConfig CRD.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud