chore(ci): add otdfctl to dependabot configuration

[alkalescent]

Proposed Changes

• Add otdfctl/e2e to the github-actions dependabot ecosystem so composite action dependencies (actions/setup-go, bats-core/bats-action, actions/upload-artifact) are tracked
• Add otdfctl gomod entry with daily schedule and github.com/opentdf/* internal dep exclusion, matching existing module patterns

Files modified

File	Change
.github/dependabot.yml	Add otdfctl/e2e to github-actions directories; add otdfctl gomod entry

Already configured (no changes needed)

Workflow	Status
Backport	Uses repo-wide reusable workflow
CodeQL	Scans entire repo (no path filters)
Dependency review	Single consolidated deny-license list
PR lint	cli scope already present
Checks matrix	otdfctl already in directory list

PR Stack (DSPX-2654)

1. feat(cli): migrate otdfctl into platform monorepo #3205 — Subtree merge + module path rewrite (DSPX-2655, DSPX-2656)
2. feat(cli): Makefile and build scripts #3208 — Makefile and build scripts (DSPX-2657)
3. feat(cli): add otdfctl to platform CI matrix #3221 — CI workflows (DSPX-2658)
4. feat(cli): migrate e2e tests and fix lint errors #3236 — e2e tests and lint fixes (DSPX-2659)
5. feat(cli): independent otdfctl releases #3268 — Release pipeline (DSPX-2660)
6. This PR — Supporting workflows (DSPX-2661)

Checklist

• I have added or updated unit tests
• I have added or updated integration tests (if appropriate)
• I have added or updated documentation

Testing Instructions

• Verify YAML is valid: python3 -c "import yaml; yaml.safe_load(open('.github/dependabot.yml'))"
• Verify otdfctl gomod entry: search for directory: "/otdfctl" in dependabot.yml
• Verify github-actions directories include /otdfctl/e2e

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the repository's Dependabot configuration to ensure that dependencies for the otdfctl component are properly tracked and maintained. By adding specific paths for both GitHub Actions and Go modules, the project ensures consistent automated dependency management across the new module.

Highlights

• Dependabot Configuration: Updated .github/dependabot.yml to include otdfctl/e2e in the github-actions ecosystem.
• Go Module Tracking: Added a new gomod entry for the otdfctl directory with a daily update schedule and internal dependency exclusion.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

---

The bot must watch the code with care, / To keep the modules fresh and fair. / With paths defined and schedules set, / No update shall the project forget.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 37137247-d50f-42d6-aa66-205ce78b771b

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch DSPX-2661-otdfctl-supporting-workflows

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	201.928505ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	105.079089ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	401.37521ms
Throughput	249.14 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	41.659095867s
Average Latency	414.4826ms
Throughput	120.02 requests/second

[gemini-code-assist]

Code Review

This pull request updates the .github/dependabot.yml configuration to include the /otdfctl/e2e directory for GitHub Actions and adds a new gomod package ecosystem configuration for the /otdfctl directory with specific grouping and exclusion rules. I have no feedback to provide.

[github-actions]

X-Test Results

✅ go-pull-3291
✅ java-pull-3291
✅ go-v0.9.0
✅ js-pull-3291
✅ java-v0.9.0
test-cases-mapping-report
bats-test-results
✅ js-v0.9.0
cukes-report
opentdfplatform4NBXSV.dockerbuild
govulncheck-failure-8
govulncheck-failure-1
govulncheck-failure-3
govulncheck-failure-2
govulncheck-failure-0
govulncheck-failure-5

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	189.551359ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	91.661875ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	413.205906ms
Throughput	242.01 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	41.320222676s
Average Latency	411.983213ms
Throughput	121.01 requests/second

[github-actions]

X-Test Results

✅ go-pull-3291
✅ go-v0.9.0
✅ java-pull-3291
✅ java-v0.9.0
✅ js-pull-3291
test-cases-mapping-report
✅ js-v0.9.0
bats-test-results
cukes-report
opentdfplatformTQUAZN.dockerbuild
govulncheck-failure-2
govulncheck-failure-3
govulncheck-failure-8
govulncheck-failure-0
govulncheck-failure-5
govulncheck-failure-1

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	201.581447ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	99.450031ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	396.656308ms
Throughput	252.11 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	40.19488741s
Average Latency	400.093101ms
Throughput	124.39 requests/second

[github-actions]

X-Test Results

✅ go-pull-3291
✅ go-v0.9.0
✅ java-pull-3291
✅ java-v0.9.0
✅ js-pull-3291
✅ js-v0.9.0
test-cases-mapping-report
bats-test-results
cukes-report
opentdfplatformWRMEFF.dockerbuild
govulncheck-failure-8
govulncheck-failure-1
govulncheck-failure-0
govulncheck-failure-3
govulncheck-failure-2
govulncheck-failure-5

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	204.166179ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	103.618562ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	409.967916ms
Throughput	243.92 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	42.571439565s
Average Latency	424.143087ms
Throughput	117.45 requests/second

[github-actions]

X-Test Results

✅ go-pull-3291
✅ go-v0.9.0
✅ java-pull-3291
✅ java-v0.9.0
✅ js-pull-3291
✅ js-v0.9.0
test-cases-mapping-report
bats-test-results
cukes-report
opentdfplatformLICRN9.dockerbuild
govulncheck-failure-2
govulncheck-failure-3
govulncheck-failure-1
govulncheck-failure-8
govulncheck-failure-5
govulncheck-failure-0

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	195.420936ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	96.899925ms

Benchmark Statistics

Name	№ Requests	Avg Duration	Min Duration	Max Duration

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	400.812377ms
Throughput	249.49 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	41.221123076s
Average Latency	410.120209ms
Throughput	121.30 requests/second

[github-actions]

⚠️ Govulncheck found vulnerabilities ⚠️

The following modules have known vulnerabilities:

• examples
• otdfctl
• sdk
• service
• lib/fixtures
• tests-bdd

See the workflow run for details.

[github-actions]

X-Test Results

✅ go-pull-3291
✅ go-v0.9.0
✅ java-pull-3291
✅ java-v0.9.0
✅ js-pull-3291
✅ js-v0.9.0
test-cases-mapping-report
bats-test-results
cukes-report
opentdfplatformIXJT60.dockerbuild
govulncheck-failure-8
govulncheck-failure-0
govulncheck-failure-3
govulncheck-failure-1
govulncheck-failure-5
govulncheck-failure-2