Build(deps): Bump github.com/googleapis/gax-go/v2 from 2.16.0 to 2.20.0

[dependabot]

Bumps github.com/googleapis/gax-go/v2 from 2.16.0 to 2.20.0.

Release notes

Sourced from github.com/googleapis/gax-go/v2's releases.

v2: v2.20.0

v2.20.0 (2026-03-25)

Features

• hook metric recording into gax.Invoke (#494) (1f3e9aef)

• add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487) (defdded3)

v2: v2.19.0

v2.19.0 (2026-03-17)

Features

• update WithLogger to WithLoggerContext. (#478) (1cb70baf)

• pass logger to downstream via context (#474) (434fa676)

• add WithClientMetrics CallOption (#479) (76f0284e)

• add TransportTelemetryData for dynamic transport attributes (#481) (8a7caf00)

• add ClientMetrics initialization core (#473) (f53618c2)

Bug Fixes

• lazy initialization and getters for ClientMetrics (#485) (fb6c5f4d)

v2: v2.18.0

v2.18.0 (2026-03-09)

Features

• move gax-go to use 1.25 as the lower bound of support (#469) (01594ca5)

• add callctx telemetry helpers (#472) (fa319ffc)

v2 2.17.0

2.17.0 (2026-02-03)

Features

• update Invoke to add retry count to context (#462) (ea7096d5)

Commits

• 25485ab chore: create a release (#495)
• 1f3e9ae feat: hook metric recording into gax.Invoke (#494)
• defdded feat(v2): add TelemetryErrorInfo and ExtractTelemetryErrorInfo (#487)
• 399c197 chore(all): update all (#492)
• c64aabe chore(all): update module google.golang.org/grpc to v1.79.3 [SECURITY] (#490)
• 06bdf7f chore: create a release (#486)
• bf56424 chore(all): update all (#484)
• fb6c5f4 fix(v2): lazy initialization and getters for ClientMetrics (#485)
• 336f424 build: run linters on all submodules and fix deprecations (#483)
• a46b2de chore(v2): Improve docs surrounding TransportTelemetryData (#482)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Walkthrough

Go toolchain updated from 1.24.13 to 1.25.0. Direct dependencies bumped including gax-go/v2, golang.org/x modules (term, text), and google.golang.org packages (api, grpc). Indirect dependencies advanced across cloud.google.com/go/auth, enterprise-certificate-proxy, OpenTelemetry modules, and genproto.

Changes

Cohort / File(s)	Summary
Go Module Dependencies go.mod	Toolchain version updated to 1.25.0. Direct and indirect dependency versions bumped across Google Cloud libraries, OpenTelemetry packages, and golang.org modules.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title 'Build(deps): Bump github.com/googleapis/gax-go/v2 from 2.16.0 to 2.20.0' accurately reflects the main change—a dependency version bump of gax-go. It is specific, clear, and directly related to the changeset.
Description check	✅ Passed	The PR description provides comprehensive details about the dependency update, including release notes from versions 2.17.0 through 2.20.0 with features and bug fixes. It is fully related to the changeset and provides relevant context about the changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/github.com/googleapis/gax-go/v2-2.20.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign rcampos2029 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-online member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

go.mod (1)

12-12: Harden APIError extraction for wrapped errors with this gax-go/v2 and grpc upgrades.

The three handler functions in pkg/gcp/error_handlers.go (lines 13, 24, 32) use direct type assertions to extract *apierror.APIError. This pattern fails silently on wrapped error chains. Use errors.As() instead—the file already demonstrates this pattern correctly at line 45 for googleapi.Error.

Suggested refactor pattern

- pApiError, ok := err.(*apierror.APIError)
- if !ok {
+ var pApiError *apierror.APIError
+ if !errors.As(err, &pApiError) {
    return fmt.Errorf("Unexpected error")
  }

Apply the same pattern to fmtGoogleApiError() at line 50 for consistency.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 12, The handlers in pkg/gcp/error_handlers.go currently use
direct type assertions to extract *apierror.APIError (the three handler
functions around the top of the file) which fails on wrapped error chains;
change those assertions to use errors.As to walk the chain and extract the
*apierror.APIError (e.g., use var apiErr *apierror.APIError; if errors.As(err,
&apiErr) { ... }); apply the same pattern to fmtGoogleApiError() so it also uses
errors.As instead of a direct type assertion; keep existing logging/handling
logic but guard it behind the errors.As check and handle the non-matching case
as before.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Line 3: Update the GitHub Actions workflow Go versions so CI matches the
bumped go.mod: edit .github/workflows/check-pull-request.yaml and
.github/workflows/publish-release.yaml and change all go-version fields that are
pinned to older Go (e.g., 1.22 and 1.23) to "1.25.x"; also review any
Docker/Tekton references (ubi9/go-toolset:latest) for consistency but the
immediate fix is updating the go-version keys in the two workflow files so they
use 1.25.x.

---

Nitpick comments:
In `@go.mod`:
- Line 12: The handlers in pkg/gcp/error_handlers.go currently use direct type
assertions to extract *apierror.APIError (the three handler functions around the
top of the file) which fails on wrapped error chains; change those assertions to
use errors.As to walk the chain and extract the *apierror.APIError (e.g., use
var apiErr *apierror.APIError; if errors.As(err, &apiErr) { ... }); apply the
same pattern to fmtGoogleApiError() so it also uses errors.As instead of a
direct type assertion; keep existing logging/handling logic but guard it behind
the errors.As check and handle the non-matching case as before.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 2cbaa595-970c-4b6d-a4ee-df90d4e26af0

📥 Commits

Reviewing files that changed from the base of the PR and between e8f8ba0 and 8fe8564.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify all pinned Go versions across repo are aligned with go.mod (1.25.x)
set -euo pipefail

echo "== go.mod/go.work directives =="
rg -n --type=gomod '^\s*go\s+1\.' go.mod go.work 2>/dev/null || true

echo
echo "== CI and container Go version pins =="
rg -n -C2 --iglob '*.{yml,yaml}' --iglob 'Dockerfile*' --iglob '*.mk' \
  'go-version:|golang:1\.|GO_VERSION|GOLANG_VERSION|setup-go|actions/setup-go'

echo
echo "Expected: all pins reference 1.25.x (or are unpinned and inherit toolchain safely)."

Repository: openshift-online/ocm-cli

Length of output: 139

---

🏁 Script executed:

# Check go.mod exists and read it directly
echo "=== go.mod content ===" 
cat go.mod | head -20

# Find all CI/build configuration files
echo -e "\n=== CI and build config files ===" 
fd -e yml -e yaml -e mk -t f | grep -E '(\.github|\.gitlab|workflow|dockerfile|compose|build)' -i

Repository: openshift-online/ocm-cli

Length of output: 771

---

🏁 Script executed:

# Check for .github/workflows directory specifically
echo "=== .github directory contents ===" 
ls -la .github/ 2>/dev/null || echo "No .github directory"

# Search for any Dockerfile
echo -e "\n=== Any Dockerfile files ===" 
find . -name "Dockerfile*" -o -name "*dockerfile*" 2>/dev/null | head -20

# List root directory to understand repo structure
echo -e "\n=== Root directory ===" 
ls -la | grep -E '^d|\.yml|\.yaml|Makefile'

# Check if there's a go.work file
echo -e "\n=== go.work file ===" 
cat go.work 2>/dev/null || echo "No go.work file"

Repository: openshift-online/ocm-cli

Length of output: 1195

---

🏁 Script executed:

# Check GitHub workflows for Go version pins
echo "=== .github/workflows files ===" 
ls -la .github/workflows/
echo
for file in .github/workflows/*.yml .github/workflows/*.yaml; do
  [ -f "$file" ] && echo "--- $file ---" && cat "$file"
done

# Check Dockerfile
echo -e "\n=== docker/Dockerfile ===" 
cat docker/Dockerfile

# Check Makefile for Go version
echo -e "\n=== Makefile (Go version related) ===" 
grep -n -i 'go.*version\|golang' Makefile || echo "No explicit Go version in Makefile"

# Check .tekton for Go version
echo -e "\n=== .tekton files ===" 
find .tekton -type f | xargs cat 2>/dev/null || echo "No .tekton config files"

Repository: openshift-online/ocm-cli

Length of output: 47016

---

Update GitHub Actions workflows to use Go 1.25.x before merging.

The go.mod bump to Go 1.25.0 will fail CI because workflows pin older versions:

• .github/workflows/check-pull-request.yaml: test job uses 1.22, lint job uses 1.23
• .github/workflows/publish-release.yaml: release job uses 1.23

Update all go-version fields to 1.25.x in both workflow files. The Docker and Tekton builds use ubi9/go-toolset:latest, which may inherit the correct toolchain but should also be reviewed for consistency.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 3, Update the GitHub Actions workflow Go versions so CI
matches the bumped go.mod: edit .github/workflows/check-pull-request.yaml and
.github/workflows/publish-release.yaml and change all go-version fields that are
pinned to older Go (e.g., 1.22 and 1.23) to "1.25.x"; also review any
Docker/Tekton references (ubi9/go-toolset:latest) for consistency but the
immediate fix is updating the go-version keys in the two workflow files so they
use 1.25.x.