fix: escape reserved words from perses cel validation expressions

[jgbernalp]

Fixes: https://redhat.atlassian.net/browse/OU-1375

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jgbernalp

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [jgbernalp]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Warning

Rate limit exceeded

@jgbernalp has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 50 minutes and 49 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 37040cad-2b9c-4e29-acf6-bbdd7fa17a84

📥 Commits

Reviewing files that changed from the base of the PR and between 36ee5d5 and 8326eda.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (8)

• bundle/manifests/observability-operator.clusterserviceversion.yaml
• bundle/manifests/perses.dev_perses.yaml
• bundle/manifests/perses.dev_persesdatasources.yaml
• bundle/manifests/perses.dev_persesglobaldatasources.yaml
• deploy/perses/crds/perses.dev_perses.yaml
• deploy/perses/crds/perses.dev_persesdatasources.yaml
• deploy/perses/crds/perses.dev_persesglobaldatasources.yaml
• go.mod

📝 Walkthrough

Walkthrough

This PR updates validation rules across three Kubernetes CRDs used by the Perses operator integration. The CEL rules for namespace presence checks in authentication and TLS configurations are refactored to use the internal namespace field reference (self.__namespace__) instead of checking a user-facing namespace field (self.namespace). This change is applied consistently to six validation rules in the Perses CRD, four in the PersesDatasource CRD, and four in the PersesGlobalDatasource CRD. The perses-operator Go dependency version is also bumped to a newer commit.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: fixing CEL validation expressions by escaping reserved words (namespace → namespace) in Perses CRD schemas.
Description check	✅ Passed	The description references a related issue ticket, which provides context about the purpose of the changes, though minimal implementation detail is included.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[etmurasaki]

Manually tested against ocp4.15 and 4.21 consuming quay.io/gbernal/observability-operator-bundle:1.5.0-beta-perses-cel and it got successfully installed and monitoring UIPlugin - Perses feature is working fine.

[PeterYurkovich]

/lgtm