Sync upstream 20260423 0828

[pierDipi]

Summary

Automated sync of kserve/kserve:master into opendatahub-io/kserve:master.

AI Conflict Resolution Report

12 files had merge conflicts. All were resolved successfully.

1. Dockerfile (line 22)

• Conflict: Midstream had -a -tags "${GOTAGS}", upstream had -tags "${GOTAGS}" -a in the go build command.
• Resolution: Took upstream's flag order. The two orderings are functionally identical; adopting upstream minimizes future diff noise.

2. OWNERS (lines 2–22)

• Conflict: Midstream had its own approvers list (andresllh, bartoszmajsak, brettmthompson, danielezonca, etc.) while upstream had a different set (Jooho, lizzzcai, sivanantha321) plus upstream reviewers. The conflict region also contained a reviewers: key from the upstream side, which would have created a duplicate section.
• Resolution: All midstream-specific maintainers preserved.

3. go.sum (line 3553)

• Conflict: Upstream added two new dependency hashes (posener/complete, prometheus-operator/prometheus-operator) that midstream didn't have.
• Resolution: Included both new upstream entries. This is an auto-generated file; the entries correspond to dependencies pulled in by go.mod changes that auto-merged cleanly.

4. test/e2e/llmisvc/fixtures.py (4 conflict regions: lines ~79, ~155, ~386, ~421)

• Conflict: Midstream used "runAsNonRoot": RUN_AS_NON_ROOT (an env-var-driven boolean, defaulting to false). Upstream used UPSTREAM_K8S_NON_ROOT_SECURITY_CONTEXT.copy() which sets {"runAsNonRoot": True, "runAsUser": 1000}.
• Context: The UPSTREAM_K8S_NON_ROOT_SECURITY_CONTEXT constant (defined in the same file at line 47) already carries a comment: "Vanilla Kubernetes rejects runAsNonRoot-only containers when the image does not declare a USER. Keep the templates OpenShift-safe and use an explicit non-root UID only in upstream CI test overrides." — i.e., it was designed to be safe for both environments.
• Resolution: Took upstream's UPSTREAM_K8S_NON_ROOT_SECURITY_CONTEXT.copy() for all 4 locations. The upstream constant is more complete (includes runAsUser) and is already documented as OpenShift-safe.

5. test/scripts/gh-actions/run-e2e-tests.sh (lines 64–72)

• Conflict: Midstream (PR ci: improve e2e test scripts for local runs and llmisvc builds #1356 by @jlost) refactored the pytest invocation to use composable arrays (MARKER_ARGS, PYTEST_COMMON_ARGS, PYTEST_EXTRA_ARGS) for local-run flexibility. Upstream (PR ci: add --maxfail=10 to e2e pytest invocation kserve/kserve#5445) added --maxfail=10 to the inline pytest commands.
• Resolution: Kept midstream's refactored array approach (important for local dev workflow) and integrated upstream's --maxfail=10 into the PYTEST_COMMON_ARGS array definition. Both improvements are preserved. Referenced midstream commit f5fa7df (PR ci: improve e2e test scripts for local runs and llmisvc builds #1356) to confirm the refactoring intent.

6–12. python/*/uv.lock (7 files)

• Files: aiffairness, artexplainer, custom_model, custom_tokenizer, custom_transformer, test_resources/graph/error_404_isvc, test_resources/graph/success_200_isvc
• Conflict: Auto-generated lock file content diverged between midstream and upstream dependency resolution runs.
• Resolution: Took upstream's version (git checkout --theirs) for all 7 lock files. These are auto-generated and will be regenerated on the next uv lock run; upstream's versions reflect the newer dependency state consistent with the merged pyproject.toml files.

---

This sync was performed by an automated AI agent.

[coderabbitai]

Important

Review skipped

Too many files!

This PR contains 172 files, which is 22 over the limit of 150.

⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Pro Plus

Run ID: b659f3b1-c0ff-4eb4-aa0b-d133257554b6

📥 Commits

Reviewing files that changed from the base of the PR and between d581a18 and 745375e.

⛔ Files ignored due to path filters (18)

• go.sum is excluded by !**/*.sum, !**/*.sum
• python/aiffairness/uv.lock is excluded by !**/*.lock
• python/artexplainer/uv.lock is excluded by !**/*.lock
• python/custom_model/uv.lock is excluded by !**/*.lock
• python/custom_tokenizer/uv.lock is excluded by !**/*.lock
• python/custom_transformer/uv.lock is excluded by !**/*.lock
• python/huggingfaceserver/uv.lock is excluded by !**/*.lock
• python/kserve/uv.lock is excluded by !**/*.lock
• python/lgbserver/uv.lock is excluded by !**/*.lock
• python/paddleserver/uv.lock is excluded by !**/*.lock
• python/pmmlserver/uv.lock is excluded by !**/*.lock
• python/predictiveserver/uv.lock is excluded by !**/*.lock
• python/sklearnserver/uv.lock is excluded by !**/*.lock
• python/storage/uv.lock is excluded by !**/*.lock
• python/test_resources/graph/error_404_isvc/uv.lock is excluded by !**/*.lock
• python/test_resources/graph/success_200_isvc/uv.lock is excluded by !**/*.lock
• python/xgbserver/uv.lock is excluded by !**/*.lock
• qpext/go.sum is excluded by !**/*.sum, !**/*.sum

📒 Files selected for processing (172)

• .github/agents/release-orchestrator.agent.md
• .gitignore
• Dockerfile
• OWNERS
• agent.Dockerfile
• charts/_common/README.md
• charts/_common/common-sections.yaml
• charts/kserve-crd-minimal/Chart.yaml
• charts/kserve-crd-minimal/README.md
• charts/kserve-crd/Chart.yaml
• charts/kserve-crd/README.md
• charts/kserve-llmisvc-crd-minimal/Chart.yaml
• charts/kserve-llmisvc-crd-minimal/README.md
• charts/kserve-llmisvc-crd-minimal/templates/serving.kserve.io_llminferenceserviceconfigs.yaml
• charts/kserve-llmisvc-crd-minimal/templates/serving.kserve.io_llminferenceservices.yaml
• charts/kserve-llmisvc-crd-minimal/templates/serving.kserve.io_localmodelnamespacecaches.yaml
• charts/kserve-llmisvc-crd/Chart.yaml
• charts/kserve-llmisvc-crd/README.md
• charts/kserve-llmisvc-crd/templates/serving.kserve.io_llminferenceserviceconfigs.yaml
• charts/kserve-llmisvc-crd/templates/serving.kserve.io_llminferenceservices.yaml
• charts/kserve-llmisvc-crd/templates/serving.kserve.io_localmodelnamespacecaches.yaml
• charts/kserve-llmisvc-resources/Chart.yaml
• charts/kserve-llmisvc-resources/README.md
• charts/kserve-llmisvc-resources/files/common/storagecontainer.yaml
• charts/kserve-llmisvc-resources/values.yaml
• charts/kserve-localmodel-crd-minimal/Chart.yaml
• charts/kserve-localmodel-crd-minimal/README.md
• charts/kserve-localmodel-crd/Chart.yaml
• charts/kserve-localmodel-crd/README.md
• charts/kserve-localmodel-resources/Chart.yaml
• charts/kserve-localmodel-resources/README.md
• charts/kserve-localmodel-resources/values.yaml
• charts/kserve-resources/Chart.yaml
• charts/kserve-resources/README.md
• charts/kserve-resources/files/common/storagecontainer.yaml
• charts/kserve-resources/values.yaml
• charts/kserve-runtime-configs/Chart.yaml
• charts/kserve-runtime-configs/README.md
• charts/kserve-runtime-configs/files/llmisvcconfigs/resources.yaml
• charts/kserve-runtime-configs/values.yaml
• config/crd/full/llmisvc/serving.kserve.io_llminferenceserviceconfigs.yaml
• config/crd/full/llmisvc/serving.kserve.io_llminferenceservices.yaml
• config/crd/minimal/llmisvc/serving.kserve.io_llminferenceserviceconfigs.yaml
• config/crd/minimal/llmisvc/serving.kserve.io_llminferenceservices.yaml
• config/llmisvcconfig/config-llm-decode-template.yaml
• config/llmisvcconfig/config-llm-decode-worker-data-parallel.yaml
• config/llmisvcconfig/config-llm-prefill-template.yaml
• config/llmisvcconfig/config-llm-prefill-worker-data-parallel.yaml
• config/llmisvcconfig/config-llm-template.yaml
• config/llmisvcconfig/config-llm-worker-data-parallel.yaml
• config/storagecontainers/default.yaml
• docs/OPENSHIFT_GUIDE.md
• docs/samples/explanation/alibi/alibiexplainer/pyproject.toml
• docs/samples/llmisvc/e2e-gpt-oss/README.md
• docs/samples/llmisvc/e2e-gpt-oss/llmisvc_config_prefix_cache.yaml
• docs/samples/llmisvc/opt-125m-cpu/llm-inference-service-facebook-opt-125m-cpu-no-scheduler.yaml
• docs/samples/llmisvc/opt-125m-cpu/llm-inference-service-facebook-opt-125m-cpu.yaml
• docs/samples/llmisvc/opt-125m-cpu/llm-inference-service-pd-facebook-opt-125m-cpu.yaml
• docs/samples/llmisvc/precise-prefix-kv-cache-routing/README.md
• docs/samples/llmisvc/precise-prefix-kv-cache-routing/llm-inference-service-opt-125m-cpu-kv-cache-routing-simulator.yaml
• docs/samples/llmisvc/precise-prefix-kv-cache-routing/llm-inference-service-qwen2-7b-gpu-kv-cache-routing.yaml
• go.mod
• hack/release/create-branch-tag.sh
• hack/release/generate-install.sh
• hack/release/publish-release.sh
• hack/release/validate-release.sh
• hack/setup/quick-install/keda-dependency-install.sh
• hack/setup/quick-install/kserve-knative-mode-dependency-install.sh
• hack/setup/quick-install/kserve-knative-mode-full-install-helm.sh
• hack/setup/quick-install/kserve-knative-mode-full-install-with-manifests.sh
• hack/setup/quick-install/kserve-standard-mode-dependency-install.sh
• hack/setup/quick-install/kserve-standard-mode-full-install-helm.sh
• hack/setup/quick-install/kserve-standard-mode-full-install-with-manifests.sh
• hack/setup/quick-install/llmisvc-dependency-install.sh
• hack/setup/quick-install/llmisvc-full-install-helm.sh
• hack/setup/quick-install/llmisvc-full-install-with-manifests.sh
• install/v0.18.0-rc0/keda-dependency-install.sh
• install/v0.18.0-rc0/kserve-cluster-resources.yaml
• install/v0.18.0-rc0/kserve-crds.yaml
• install/v0.18.0-rc0/kserve-knative-mode-dependency-install.sh
• install/v0.18.0-rc0/kserve-knative-mode-full-install-with-manifests.sh
• install/v0.18.0-rc0/kserve-standard-mode-dependency-install.sh
• install/v0.18.0-rc0/kserve-standard-mode-full-install-with-manifests.sh
• install/v0.18.0-rc0/kserve.yaml
• install/v0.18.0-rc0/kserve_kubeflow.yaml
• install/v0.18.0-rc0/llmisvc-dependency-install.sh
• install/v0.18.0-rc0/llmisvc-full-install-with-manifests.sh
• install/v0.18.0-rc1/keda-dependency-install.sh
• install/v0.18.0-rc1/kserve-cluster-resources.yaml
• install/v0.18.0-rc1/kserve-crds.yaml
• install/v0.18.0-rc1/kserve-knative-mode-dependency-install.sh
• install/v0.18.0-rc1/kserve-knative-mode-full-install-with-manifests.sh
• install/v0.18.0-rc1/kserve-standard-mode-dependency-install.sh
• install/v0.18.0-rc1/kserve-standard-mode-full-install-with-manifests.sh
• install/v0.18.0-rc1/kserve.yaml
• install/v0.18.0-rc1/kserve_kubeflow.yaml
• install/v0.18.0-rc1/llmisvc-dependency-install.sh
• install/v0.18.0-rc1/llmisvc-full-install-with-manifests.sh
• kserve-deps.env
• pkg/apis/serving/v1alpha1/inference_graph_validation.go
• pkg/apis/serving/v1alpha1/llm_inference_service_config_validation.go
• pkg/apis/serving/v1alpha1/llm_inference_service_conversion.go
• pkg/apis/serving/v1alpha1/llm_inference_service_types.go
• pkg/apis/serving/v1alpha1/llm_inference_service_validation.go
• pkg/apis/serving/v1alpha1/llm_inference_service_validation_test.go
• pkg/apis/serving/v1alpha1/trainedmodel_webhook.go
• pkg/apis/serving/v1alpha1/zz_generated.deepcopy.go
• pkg/apis/serving/v1alpha2/llm_inference_service_config_validation.go
• pkg/apis/serving/v1alpha2/llm_inference_service_defaults.go
• pkg/apis/serving/v1alpha2/llm_inference_service_types.go
• pkg/apis/serving/v1alpha2/llm_inference_service_validation.go
• pkg/apis/serving/v1alpha2/llm_inference_service_validation_test.go
• pkg/apis/serving/v1alpha2/zz_generated.deepcopy.go
• pkg/apis/serving/v1beta1/inference_service_validation.go
• pkg/apis/serving/v1beta1/inference_service_validation_test.go
• pkg/controller/v1alpha2/llmisvc/config_merge.go
• pkg/controller/v1alpha2/llmisvc/config_merge_test.go
• pkg/controller/v1alpha2/llmisvc/config_presets_test.go
• pkg/controller/v1alpha2/llmisvc/controller.go
• pkg/controller/v1alpha2/llmisvc/controller_int_stop_test.go
• pkg/controller/v1alpha2/llmisvc/controller_int_test.go
• pkg/controller/v1alpha2/llmisvc/fixture/gwapi_builders.go
• pkg/controller/v1alpha2/llmisvc/fixture/llmisvc_builders.go
• pkg/controller/v1alpha2/llmisvc/label_propagation_test.go
• pkg/controller/v1alpha2/llmisvc/router_gateway_conditions_test.go
• pkg/controller/v1alpha2/llmisvc/sample.go
• pkg/controller/v1alpha2/llmisvc/workload.go
• pkg/controller/v1alpha2/llmisvc/workload_multi_node.go
• pkg/controller/v1alpha2/llmisvc/workload_single_node.go
• pkg/controller/v1beta1/inferenceservice/utils/utils.go
• pkg/controller/v1beta1/inferenceservice/utils/utils_test.go
• pkg/testing/httproute_matchers.go
• pkg/webhook/admission/localmodelcache/localmodelcache_validator.go
• pkg/webhook/admission/localmodelcache/localmodelcache_validator_test.go
• pkg/webhook/admission/localmodelnamespacecache/local_model_namespace_cache_validation.go
• pkg/webhook/admission/localmodelnamespacecache/local_model_namespace_cache_validation_test.go
• pkg/webhook/admission/pod/agent_injector.go
• pkg/webhook/admission/pod/agent_injector_test.go
• python/VERSION
• python/aiffairness/pyproject.toml
• python/artexplainer/pyproject.toml
• python/custom_model/pyproject.toml
• python/custom_tokenizer/pyproject.toml
• python/custom_transformer/pyproject.toml
• python/huggingface_server.Dockerfile
• python/huggingface_server_cpu.Dockerfile
• python/huggingfaceserver/huggingfaceserver/vllm/utils.py
• python/huggingfaceserver/huggingfaceserver/vllm/vllm_model.py
• python/huggingfaceserver/pyproject.toml
• python/huggingfaceserver/tests/setup_vllm.sh
• python/kserve/pyproject.toml
• python/lgbserver/pyproject.toml
• python/paddleserver/pyproject.toml
• python/pmmlserver/pyproject.toml
• python/predictiveserver/pyproject.toml
• python/sklearnserver/pyproject.toml
• python/storage/kserve_storage/kserve_storage.py
• python/storage/pyproject.toml
• python/storage/test/test_s3_storage.py
• python/test_resources/graph/error_404_isvc/pyproject.toml
• python/test_resources/graph/success_200_isvc/pyproject.toml
• python/xgbserver/pyproject.toml
• qpext/go.mod
• release/RELEASE_PROCESS_v3.md
• release/RELEASE_PROCESS_v3_copilot.md
• test/crds/serving.kserve.io_all_crds.yaml
• test/e2e/llmisvc/fixtures.py
• test/e2e/llmisvc/test_gateway_section_name.py
• test/e2e/llmisvc/test_llm_inference_service_conversion.py
• test/e2e/llmisvc/test_pod_watch.py
• test/e2e/llmisvc/test_storage_version_migration.py
• test/scripts/gh-actions/run-e2e-tests.sh

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[rhods-ci-bot]

@pierDipi: The following test has Succeeded:

OCI Artifact Browser URL

View in Artifact Browser

Inspecting Test Artifacts Manually

To inspect your test artifacts manually, follow these steps:

1. Install ORAS (see the ORAS installation guide).
2. Download artifacts with the following commands:

mkdir -p oras-artifacts
cd oras-artifacts
oras pull quay.io/opendatahub/odh-ci-artifacts:kserve-group-test-l8rlg

[jlost]

/lgtm

[andresllh]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: andresllh, pierDipi

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [andresllh,pierDipi]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment