chore(xtest): Enables pqc on platform checkouts"#484
Conversation
|
Warning Review limit reached
More reviews will be available in 33 minutes and 21 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughThis PR enables Post-Quantum Cryptography (PQC) and hybrid TDF testing by pinning platform startup actions to PQC-enabled commits, configuring KAS instances with PQC support, enabling the hybrid TDF preview flag in the KAS service, and documenting acceptance criteria. ChangesPQC and Hybrid TDF Test Infrastructure
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request enables the hybrid_tdf_enabled preview setting in the local KAS service configuration when key management is active. It also adds a draft specification document (spec/DSPX-3499.md) for handling pqc and hybrid pq/t tests. However, the specification document currently contains placeholder text for several key sections that should be fully documented before merging.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
X-Test Failure Report |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
otdf-local/src/otdf_local/services/kas.py (1)
1-229:⚠️ Potential issue | 🟠 MajorRun Python quality gates for
otdf-local(ruff + pyright) before merge: the attempted checks didn’t run becauseuvwasn’t available (uv: command not found). Fromotdf-local/, run:
uv run ruff check .uv run ruff format .(and re-stage any changes)uv run pyright🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@otdf-local/src/otdf_local/services/kas.py` around lines 1 - 229, The CI-quality checks for this module failed because the repo-level task runner "uv" was not available; from the otdf-local root run the requested linters and type checks (uv run ruff check ., uv run ruff format . then re-stage, and uv run pyright); if "uv" is not installed on your environment, run ruff and pyright directly (ruff check ., ruff format . then git add any formatted files, and pyright) and fix any reported issues in this file (look for KASService, KASManager, and get_kas_manager) before re-running the checks.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/vulnerability.yml:
- Around line 39-42: The workflow startup step that invokes the action
"opentdf/platform/test/start-up-with-containers@626ce47dd662cb8ff16898e3b6727001a4753d92"
currently doesn't pass the pqc-enabled input; update that action invocation (the
step using that "uses" string) to include the input kv pair pqc-enabled: true
under its with: block so the startup runs with PQC explicitly enabled.
---
Outside diff comments:
In `@otdf-local/src/otdf_local/services/kas.py`:
- Around line 1-229: The CI-quality checks for this module failed because the
repo-level task runner "uv" was not available; from the otdf-local root run the
requested linters and type checks (uv run ruff check ., uv run ruff format .
then re-stage, and uv run pyright); if "uv" is not installed on your
environment, run ruff and pyright directly (ruff check ., ruff format . then git
add any formatted files, and pyright) and fix any reported issues in this file
(look for KASService, KASManager, and get_kas_manager) before re-running the
checks.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c822ec94-7fc8-4e60-8cbb-13d7313d26eb
📒 Files selected for processing (4)
.github/workflows/vulnerability.yml.github/workflows/xtest.ymlotdf-local/src/otdf_local/services/kas.pyspec/DSPX-3499.md
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…al-kas Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
1 participant
Uh oh!
There was an error while loading. Please reload this page.