Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add e2e for apps #426

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

add e2e for apps #426

wants to merge 3 commits into from

Conversation

klinch0
Copy link
Contributor

@klinch0 klinch0 commented Oct 15, 2024
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • New Features

    • Introduced scripts for managing end-to-end testing and Helm chart installations.
    • Added a new configuration for tenant operational settings.
    • Updated FerretDB chart to version 0.4.1 with enhancements for PostgreSQL initialization.

  • Improvements

    • Enhanced pre-commit configuration for better YAML checks and version mapping.
    • Added functions for improved Helm release management and testing processes.

  • Bug Fixes

    • Improved readiness checks and user management in PostgreSQL initialization scripts.

@klinch0 klinch0 requested a review from kvaps as a code owner October 15, 2024 11:57
@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 15, 2024
edited
Loading

Walkthrough

The changes introduced in this pull request encompass updates to configuration files, the addition of new scripts, and enhancements to existing Helm charts. Key updates include a revised pre-commit configuration, the introduction of a Makefile for managing testing processes, and new scripts for Helm release management. Additionally, a new tenant configuration file has been added, and the FerretDB Helm chart has been updated to a new version with improvements in initialization scripts.

Changes

File(s) Change Summary
.pre-commit-config.yaml Updated to broaden exclusion criteria for check-yaml and added gen-versions-map hook.
hack/Makefile Created to manage end-to-end testing with targets for help, test, and clean.
hack/e2e.applications.sh Introduced for managing end-to-end testing and cleanup in Kubernetes, with test and clean functions.
hack/modules/check_helmrelease_status.sh, hack/modules/create_git_repo.sh, hack/modules/install_chart.sh, hack/modules/install_tenant.sh Added new scripts for managing Helm releases with specific functions for each task.
hack/modules/ignored_charts New file listing components to be ignored during processing.
hack/values/tenant.yaml New configuration file with parameters for operational settings.
packages/apps/ferretdb/Chart.yaml Updated from version 0.4.0 to 0.4.1.
packages/apps/ferretdb/templates/init-script.yaml Enhanced for PostgreSQL initialization with readiness checks and user management improvements.
packages/apps/versions_map Updated to reflect changes in the ferretdb package versioning.

Possibly related PRs

Suggested reviewers

  • themoriarti
  • kvaps

Poem

🐇 In the garden of code, we hop with glee,
New scripts and hooks, as bright as can be!
Helm charts updated, testing's a breeze,
With each little change, we dance with ease!
So here's to the work, both clever and bright,
A rabbit's delight, in the soft moonlight! 🌙

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

coderabbitai[bot]
coderabbitai bot reviewed Oct 15, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 15

🧹 Outside diff range and nitpick comments (15)
hack/values/tenant.yaml (1)

1-6: Enhance configuration file with comments and consider interdependencies

The configuration file provides a good starting point for tenant settings. However, to improve its maintainability and usability:

  1. Add comments for each parameter explaining its purpose, implications, and how it interacts with other settings.
  2. Consider grouping related parameters (e.g., networking-related settings like host and ingress).
  3. If there are interdependencies between these settings, make them explicit in the comments.
  4. Provide a brief header comment explaining the overall purpose of this configuration file and how it's used in the system.

These additions will make it easier for other developers to understand and correctly modify this configuration in the future.

hack/Makefile (3)

6-9: LGTM: Helpful usage instructions, with a minor suggestion

The help target provides clear and concise usage instructions, which is a good practice for user-friendly Makefiles.

Consider adding the help target to the usage instructions for completeness:

 help:
 	@echo "Usage: make {test|clean}"
+	@echo "  help  - Display this help message."
 	@echo "  test  - Run the end-to-end tests."
 	@echo "  clean - Clean up resources."

11-13: LGTM: Well-structured test target, with a suggestion for error handling

The test target is well-structured, using the defined variables and suppressing command echoing for cleaner output. The order of execution (pre-checks before the main script) is logical.

Consider adding error handling to ensure the main script only runs if the pre-checks pass:

 test:
-	@bash $(PRECHECKS) test
-	@bash $(SCRIPT) test
+	@bash $(PRECHECKS) test && bash $(SCRIPT) test || (echo "Pre-checks failed. Aborting test." && exit 1)

This change ensures that if the pre-checks fail, the main script won't run and the make command will exit with an error status.

15-16: LGTM: Concise clean target, with a suggestion for error handling

The clean target is concise and uses the defined SCRIPT variable correctly. The command echoing is suppressed for cleaner output.

Consider adding error handling to provide feedback if the clean operation fails:

 clean:
-	@bash $(SCRIPT) clean
+	@bash $(SCRIPT) clean || (echo "Clean operation failed." && exit 1)

This change will provide feedback and exit with an error status if the clean operation fails.

hack/modules/install_tenant.sh (1)

3-8: LGTM: Well-structured function definition with a minor suggestion.

The function install_tenant is well-defined with clear parameter names and proper use of local variables. The default value for values_file adds flexibility.

Consider adding a brief comment above the function to describe its purpose and parameters. This would enhance maintainability, especially for other developers who might work on this script in the future.

.pre-commit-config.yaml (2)

15-16: LGTM: Enhanced markdownlint configuration

The indentation correction for the markdownlint hook improves the YAML structure. The additional arguments enhance the linting process:

  1. --fix automatically corrects some issues, which can save time.
  2. --disable MD013, MD041 disables specific rules:
    • MD013: Line length
    • MD041: First line in file should be a top level heading

These changes will make the Markdown linting more flexible.

Consider adding a comment in the file to explain why these specific rules (MD013 and MD041) are disabled. This will help future maintainers understand the rationale behind these exceptions.

17-25: LGTM: New gen-versions-map hook added

The addition of the gen-versions-map local hook is a good practice. It ensures that the versions map is always up-to-date before each commit. The configuration looks appropriate:

  1. It runs a make command in the packages/apps directory.
  2. It's set to run on all file types and doesn't pass filenames, which is suitable for this type of check.
  3. The hook fails if changes are generated, preventing commits with outdated version information.

Consider adding a brief comment in the file explaining the purpose and importance of this versions map. This will help other developers understand why this check is necessary and what it does.

hack/modules/create_git_repo.sh (1)

13-13: Consider separating variable declaration and assignment.

To avoid potential issues with masking return values, it's recommended to separate the declaration and assignment of the gitrepo_file variable.

Here's a suggested fix:

-    local gitrepo_file=$(mktemp /tmp/GitRepository.XXXXXX.yaml)
+    local gitrepo_file
+    gitrepo_file=$(mktemp /tmp/GitRepository.XXXXXX.yaml)
🧰 Tools
🪛 Shellcheck

[warning] 13-13: Declare and assign separately to avoid masking return values.

(SC2155)

hack/e2e.applications.sh (1)

1-54: Add documentation and improve overall script structure

While the script provides a good framework for end-to-end testing and cleanup, it lacks documentation and relies heavily on external modules. To improve maintainability and usability:

  1. Add a header comment explaining the script's purpose, requirements, and usage.
  2. Document the expected behavior and return values of key functions (test and clean).
  3. Consider adding error handling for missing or invalid command-line arguments.

Here's a suggested improvement for the script's header:

#!/bin/bash
set -euo pipefail

# e2e.applications.sh
#
# Purpose: Perform end-to-end testing and cleanup of applications in a Kubernetes environment.
#
# Usage: ./e2e.applications.sh {test|clean}
#
# Requirements:
# - Kubernetes cluster with appropriate access
# - Flux CD installed in the cluster
# - Required modules present in ./modules/ directory
#
# This script sources all .sh files from the ./modules/ directory. Ensure all
# required functions (create_git_repo, install_tenant, check_helmrelease_status,
# install_all_apps) are properly defined in these modules.

# Source all modules
for file in ./modules/*.sh; do
    if [[ ! -f "$file" ]]; then
        echo "Error: Required module $file not found" >&2
        exit 1
    fi
    source "$file"
done

# ... rest of the script ...

Additionally, consider adding comments before each function to explain its purpose, parameters, and return value.

Would you like assistance in documenting the individual functions or improving the script's error handling?

🧰 Tools
🪛 Shellcheck

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

hack/modules/install_chart.sh (2)

13-26: LGTM: Thorough parameter validation with user-friendly error messages.

The parameter validation is well-implemented, using color-coded error messages and exiting early if required parameters are missing. This enhances both script robustness and user experience.

Consider adding validation for the gitrepo_name and flux_ns parameters as well, since they are used in the YAML generation.

30-55: LGTM: Well-structured YAML generation with external values support.

The YAML generation for the HelmRelease resource is well-implemented, using a clear and readable heredoc-style approach. The logic for including external values is also well-handled.

Consider using a heredoc for improved readability:

cat << EOF > "$helmrelease_file"
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  labels:
    cozystack.io/ui: "true"
  name: "$release_name"
  namespace: "$namespace"
spec:
  chart:
    spec:
      chart: "$chart_path"
      reconcileStrategy: Revision
      sourceRef:
        kind: GitRepository
        name: "$gitrepo_name"
        namespace: "$flux_ns"
      version: '*'
  interval: 1m0s
  timeout: 5m0s
EOF

if [[ -n "$values_file" && -f "$values_file" ]]; then
    echo "  values:" >> "$helmrelease_file"
    sed 's/^/    /' "$values_file" >> "$helmrelease_file"
fi

This approach can make the YAML structure even more readable and easier to maintain.

packages/apps/ferretdb/templates/init-script.yaml (3)

Line range hint 66-86: Comprehensive role management and privilege granting

The changes in this section significantly improve the role management and privilege granting process. The creation of the app_admin role is now more robust, and the granting of privileges is comprehensive, covering all necessary database objects.

The use of a DO $$ block for dynamic SQL execution is a good practice, allowing for flexible and maintainable code.

Consider adding a comment explaining the purpose of the app_admin role for better documentation. For example:

-- Create app_admin role with full privileges for application management

Line range hint 87-120: Excellent addition of event trigger for automatic privilege assignment

The introduction of the event trigger trigger_auto_grant is a significant improvement. It ensures that any newly created schemas automatically receive the correct privileges, maintaining consistency across the database.

The trigger function auto_grant_schema_privileges() is well-structured and comprehensive, covering all necessary privilege grants.

Consider adding error handling within the trigger function. For example:

CREATE OR REPLACE FUNCTION auto_grant_schema_privileges()
RETURNS event_trigger LANGUAGE plpgsql AS $$
DECLARE
  obj record;
BEGIN
  FOR obj IN SELECT * FROM pg_event_trigger_ddl_commands() WHERE command_tag = 'CREATE SCHEMA' LOOP
    BEGIN
      -- Existing code here
    EXCEPTION
      WHEN OTHERS THEN
        RAISE WARNING 'Error granting privileges on schema %: %', obj.object_identity, SQLERRM;
    END;
  END LOOP;
END;
$$;

This will ensure that if there's an error granting privileges on one schema, it doesn't prevent the process from continuing for other schemas.

Line range hint 1-126: Well-structured initialization script with improved observability

The overall structure and flow of the initialization script are excellent. The addition of echo statements throughout the script significantly improves its observability, which is beneficial for debugging and monitoring the initialization process.

The order of operations (user creation, role creation, privilege granting, event trigger setup, role assignment) is logical and ensures that all necessary database objects and permissions are set up correctly.

For consistency, consider adding echo statements at the beginning and end of each major section. For example:

echo "== Starting database initialization"
# ... existing code ...
echo "== Database initialization completed successfully"

This would provide a clear indication of the script's progress and completion status.

hack/modules/install_all_apps.sh (1)

15-15: Consider exiting when the ignore file is not found

Currently, if the ignore file is not found, the script continues execution, which may lead to unexpected behavior later in the script. It's advisable to exit the script with an error message to prevent unintended behavior.

Apply this diff to handle the error:

 else
     echo "Ignore file not found: $ignore_file"
+    exit 1
 fi
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 2e16f78 and e274032.

📒 Files selected for processing (14)
  • .pre-commit-config.yaml (1 hunks)
  • hack/Makefile (1 hunks)
  • hack/e2e.applications.sh (1 hunks)
  • hack/modules/check_helmrelease_status.sh (1 hunks)
  • hack/modules/colors.sh (1 hunks)
  • hack/modules/create_git_repo.sh (1 hunks)
  • hack/modules/ignored_charts (1 hunks)
  • hack/modules/install_all_apps.sh (1 hunks)
  • hack/modules/install_chart.sh (1 hunks)
  • hack/modules/install_tenant.sh (1 hunks)
  • hack/values/tenant.yaml (1 hunks)
  • packages/apps/ferretdb/Chart.yaml (1 hunks)
  • packages/apps/ferretdb/templates/init-script.yaml (3 hunks)
  • packages/apps/versions_map (1 hunks)
✅ Files skipped from review due to trivial changes (1)
  • packages/apps/ferretdb/Chart.yaml
🧰 Additional context used
🪛 Shellcheck
hack/e2e.applications.sh

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

hack/modules/colors.sh

[warning] 3-3: RED appears unused. Verify use (or export if used externally).

(SC2034)

[warning] 4-4: GREEN appears unused. Verify use (or export if used externally).

(SC2034)

[warning] 5-5: RESET appears unused. Verify use (or export if used externally).

(SC2034)

[warning] 6-6: YELLOW appears unused. Verify use (or export if used externally).

(SC2034)

hack/modules/create_git_repo.sh

[warning] 13-13: Declare and assign separately to avoid masking return values.

(SC2155)

hack/modules/install_all_apps.sh

[warning] 44-44: Prefer mapfile or read -a to split command output (or quote to avoid splitting).

(SC2207)

hack/modules/install_chart.sh

[warning] 28-28: Declare and assign separately to avoid masking return values.

(SC2155)

🔇 Additional comments (24)
hack/modules/ignored_charts (3)

1-6: Verify the list of ignored charts and their exclusion rationale.

The current list includes both infrastructure components (mysql, rabbitmq) and application-specific services (tenant, http-cache). Please confirm:

  1. Are all these charts intentionally ignored?
  2. Is there a specific reason each of these charts is being ignored?
  3. Does ignoring these charts align with the project's architecture and deployment strategy?

It's important to ensure that excluding these charts doesn't negatively impact the system's functionality or the deployment process.

To help verify the necessity of ignoring these charts, please run:

#!/bin/bash
# Description: Check for the presence and usage of the listed charts in the project

# List all Helm charts in the project
echo "All Helm charts in the project:"
fd -e yaml -e yml . | xargs rg "kind:\s+Chart" -l

# Check for references to each ignored chart
for chart in tenant http-cache mysql rabbitmq virtual-machine vpn
do
    echo "Checking references to $chart:"
    rg --type-not binary "$chart"
done

1-6: Consider the impact on e2e testing mentioned in the PR title.

Given that this PR is titled "add e2e for apps", it's important to consider how ignoring these charts might affect the end-to-end testing process.

  1. Will excluding these charts from certain processes impact the comprehensiveness of the e2e tests?
  2. Are there separate e2e tests for the ignored components, or are they intentionally excluded from testing?
  3. How does ignoring these charts align with the overall testing strategy?

Ensure that the e2e testing approach takes into account the implications of ignoring these charts.

To help assess the impact on e2e testing, please run:

#!/bin/bash
# Description: Check for e2e test configurations and their relationship to the ignored charts

# Search for e2e test configurations
echo "Searching for e2e test configurations:"
rg --type-not binary "e2e.*test"

# Check if any of the ignored charts are mentioned in e2e test files
echo "Checking for ignored charts in e2e test files:"
rg --type-not binary "e2e.*test" -l | xargs rg -F -f hack/modules/ignored_charts

1-6: Add documentation to explain the purpose and usage of this file.

While the file name suggests these charts are to be ignored, it's not immediately clear in what context or process they are ignored. Consider adding a comment at the top of the file to explain:

  1. The purpose of this file
  2. How and when these ignored charts are used
  3. The implications of a chart being listed here

This documentation will help other developers understand the file's role in the project and make informed decisions when modifying it.

To ensure this file is being used as intended, please run the following script:

✅ Verification successful

Verification Complete: No References Found for hack/modules/ignored_charts

The hack/modules/ignored_charts file does not have any references in the current codebase. This suggests that the listed charts are not actively used or ignored by any existing scripts or configurations.

Recommendations:

  • Remove the ignored_charts File: If the file is no longer needed, deleting it will help keep the codebase clean and maintainable.
  • Add Documentation: If the file is intended for future use or serves a specific purpose that isn't immediately clear, consider adding comments or documentation to explain its role. This will assist other developers in understanding its necessity.
🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the usage of the ignored_charts file in the project

# Search for references to this file in the codebase
echo "Searching for references to ignored_charts:"
rg --type-not binary "ignored_charts"

# Check if there are any Helm-related scripts that might be using this file
echo "Checking for Helm-related scripts:"
fd -e sh -e bash . | xargs rg "helm" | rg "ignored_charts"

Length of output: 133004

hack/values/tenant.yaml (6)

1-1: Verify the default value for host

The host parameter is currently set to an empty string. Please confirm if this is intentional or if a default value should be provided.

If this is intentional, consider adding a comment explaining why the default value is an empty string and how it should be set in different environments.

2-2: Confirm implications of disabled etcd

The etcd parameter is set to false. Please verify:

  1. Is this the intended default state for all tenants?
  2. What are the implications of having etcd disabled?
  3. Are there any dependencies in the system that might be affected by this setting?

Consider adding a comment in the file explaining the purpose of this flag and its impact on the tenant's functionality.

3-3: Monitoring enabled by default

Enabling monitoring by default is a good practice. However, to provide more context:

  1. What type of monitoring does this enable?
  2. Are there any resource implications that users should be aware of?
  3. Is there documentation that describes what metrics or logs are collected when this is enabled?

Consider adding a comment or link to documentation explaining what this monitoring covers and how to access the monitored data.

4-4: Verify implications of disabled ingress

The ingress parameter is set to false. Please clarify:

  1. Why is ingress disabled by default?
  2. How should users enable ingress when needed?
  3. Are there security considerations behind this default setting?

Consider adding a comment explaining the reasons for this default setting and instructions on how and when to enable ingress.

5-5: SeaweedFS enabled by default

Enabling SeaweedFS by default suggests it's a core component. To provide more context:

  1. What are the implications of having SeaweedFS enabled?
  2. Are there any specific requirements or dependencies for SeaweedFS?
  3. Is there documentation on how SeaweedFS is configured and used in this context?

Consider adding a comment or link to documentation explaining the role of SeaweedFS in the tenant configuration and any important considerations for its use.

6-6: Clarify the purpose and implications of the isolated parameter

The isolated parameter is set to true. Please provide more information:

  1. What does "isolated" mean in this context?
  2. What are the implications of having a tenant isolated?
  3. Are there any specific security or resource allocation considerations related to this setting?

Consider adding a comment in the file explaining the purpose of this flag, its implications, and when it should or should not be used.

hack/Makefile (2)

1-1: LGTM: Proper use of .PHONY targets

The declaration of .PHONY targets for test, clean, and help is correct and follows Makefile best practices. This ensures these targets are always executed, regardless of whether a file with the same name exists.

3-4: LGTM: Clear variable definitions, but verify script existence

The variable definitions for SCRIPT and PRECHECKS are clear and promote maintainability. However, we should verify that these scripts exist in the repository.

Let's verify the existence of these scripts:

✅ Verification successful

✅ Verification Successful: Script files exist

Both e2e.applications.sh and pre-checks.sh scripts are present in the repository. The variable definitions are clear and correctly reference existing scripts.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if the script files exist in the repository

# Test: Check if e2e.applications.sh exists
if fd -t f "e2e.applications.sh" .; then
    echo "e2e.applications.sh exists"
else
    echo "e2e.applications.sh does not exist"
fi

# Test: Check if pre-checks.sh exists
if fd -t f "pre-checks.sh" .; then
    echo "pre-checks.sh exists"
else
    echo "pre-checks.sh does not exist"
fi

Length of output: 219

hack/modules/install_tenant.sh (2)

1-2: LGTM: Proper shebang and script structure.

The script starts with the correct shebang for a Bash script, and the empty line after it improves readability.

10-11: Verify the relative path and ensure install_helmrelease is defined.

The function body correctly passes all parameters to install_helmrelease. However, there are two potential issues to address:

  1. The relative path "../../packages/apps/tenant" might not work if the script is called from different directories. Consider using an absolute path or defining the base path as a variable at the beginning of the script.

  2. The install_helmrelease function is not defined in this file. Ensure it's properly sourced or defined before it's called.

To verify the install_helmrelease function's existence and the correct path, you can run the following script:

This script will help ensure that the install_helmrelease function is defined somewhere in the hack/ directory and that the tenant packages directory exists in the expected location.

✅ Verification successful

Verification Successful: install_helmrelease is defined and tenant directory exists.

Both concerns raised in the review have been addressed:

  1. The install_helmrelease function is properly defined in hack/modules/install_chart.sh.
  2. The tenant packages directory packages/apps/tenant exists.

No further action is required at this time.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the install_helmrelease function and the tenant packages path

# Test 1: Check if install_helmrelease is defined in any of the script files
echo "Searching for install_helmrelease function definition:"
rg --type sh "function install_helmrelease" hack/

# Test 2: Verify the existence of the tenant packages directory
echo "Checking the existence of the tenant packages directory:"
if [ -d "packages/apps/tenant" ]; then
    echo "Directory exists"
else
    echo "Directory does not exist"
fi

Length of output: 433

.pre-commit-config.yaml (2)

10-11: LGTM: Improved YAML check exclusion pattern

The change from a specific file path to a regex pattern (.*init-script\.yaml$) for the check-yaml hook's exclude option is a good improvement. This will exclude all files named init-script.yaml in any directory, making the configuration more flexible and easier to maintain as the project grows.

The --unsafe argument is retained, which is appropriate if you need to allow custom tags in your YAML files.

Line range hint 1-25: Overall: Improved pre-commit hook configuration

The changes to this file enhance the pre-commit hook configuration in several ways:

  1. The check-yaml hook now has a more flexible exclusion pattern.
  2. The markdownlint hook has improved configuration with auto-fixing and specific rule disabling.
  3. A new gen-versions-map hook has been added to ensure version information is always up-to-date.

These improvements will lead to better code quality, more consistent Markdown files, and more reliable version tracking. The pre-commit checks are now more robust and should help catch potential issues earlier in the development process.

hack/modules/create_git_repo.sh (2)

1-11: LGTM: Well-structured function declaration and parameter handling.

The function declaration and parameter handling are implemented correctly. Good practices observed:

  • Use of local variables for parameters
  • Proper parameter validation with a clear usage message
  • Appropriate return value for incorrect usage

32-32: LGTM: Proper cleanup of temporary file.

The temporary file is correctly removed after use, which is a good practice to avoid leaving unnecessary files in the /tmp directory.

hack/modules/check_helmrelease_status.sh (1)

1-32: Overall assessment: Well-structured script with room for improvement

The check_helmrelease_status.sh script is well-structured and serves its purpose effectively. It follows good practices such as using local variables and providing clear error messages. The suggestions provided aim to enhance its robustness, configurability, and error handling capabilities.

Key points:

  1. Consider using a more robust method for sourcing the colors.sh file.
  2. Make timeout and interval values configurable for increased flexibility.
  3. Improve error handling for the kubectl command and provide more detailed status information.
  4. Enhance the timeout error message with additional context.

Implementing these suggestions will result in a more robust and maintainable script.

hack/e2e.applications.sh (1)

29-39: ⚠️ Potential issue

Enhance clean function with proper error handling

The clean function has similar issues to the test function:

  1. It always returns success (0) regardless of the actual cleanup results.
  2. The error case (lines 36-37) is unreachable due to the if true condition.

Consider refactoring the function to include proper error handling. Here's a suggested improvement:

 function clean() {
-    kubectl delete gitrepository.source.toolkit.fluxcd.io $GITREPO_NAME -n $FLUX_NS
-    kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
-    if true; then
-        echo -e "${GREEN}Cleanup successful!${RESET}"
-        return 0
-    else
-        echo -e "${RED}Cleanup failed!${RESET}"
-        return 1
-    fi
+    local error_occurred=false
+
+    if ! kubectl delete gitrepository.source.toolkit.fluxcd.io $GITREPO_NAME -n $FLUX_NS; then
+        echo -e "${RED}Failed to delete Git repository${RESET}"
+        error_occurred=true
+    fi
+
+    if ! kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS; then
+        echo -e "${RED}Failed to delete Helm release${RESET}"
+        error_occurred=true
+    fi
+
+    if $error_occurred; then
+        echo -e "${RED}Cleanup failed!${RESET}"
+        return 1
+    else
+        echo -e "${GREEN}Cleanup successful!${RESET}"
+        return 0
+    fi
 }

This refactoring adds proper error handling and provides more detailed feedback on which cleanup operations failed, if any.

To ensure the cleanup function works correctly, you can run:

#!/bin/bash
# Verify that the resources are actually deleted after cleanup
clean
if kubectl get gitrepository.source.toolkit.fluxcd.io $GITREPO_NAME -n $FLUX_NS 2>/dev/null; then
    echo "Error: Git repository still exists after cleanup"
    exit 1
fi
if kubectl get helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS 2>/dev/null; then
    echo "Error: Helm release still exists after cleanup"
    exit 1
fi
echo "Cleanup verification successful"
hack/modules/install_chart.sh (2)

1-11: LGTM: Well-structured script setup and function declaration.

The script starts with a proper shebang, sources external color definitions, and declares the install_helmrelease function with clear parameter names. This setup follows good practices for Bash scripting.

1-60: Overall assessment: Well-implemented script with room for minor improvements.

The install_helmrelease function is well-structured and accomplishes its goal of creating and applying a HelmRelease YAML. It follows good practices for Bash scripting, including parameter validation, secure temporary file creation, and cleanup.

The suggested improvements focus on:

  1. Additional parameter validation
  2. Separating variable declaration and assignment for better error handling
  3. Using a heredoc for improved YAML generation readability
  4. Adding error handling for the kubectl command

Implementing these suggestions will further enhance the script's robustness, readability, and maintainability.

🧰 Tools
🪛 Shellcheck

[warning] 28-28: Declare and assign separately to avoid masking return values.

(SC2155)

packages/apps/ferretdb/templates/init-script.yaml (2)

37-39: Excellent addition of database readiness check

The introduction of the pg_isready check is a great improvement. It ensures that the database is fully operational before proceeding with the initialization script, which can prevent potential errors due to timing issues.

Line range hint 121-126: Appropriate role assignment to users

The role assignment section is well-implemented. It correctly assigns the app_admin role to the app user and all users defined in the Helm values. This ensures that all necessary users have the required privileges.

hack/modules/install_all_apps.sh (1)

51-54: Ensure the ignored charts array is properly handled

If the ignored_charts array is empty, the condition in is_chart_ignored may not function as intended. Verify that the array is properly initialized and consider adding a check for an empty array.

Please confirm that ignored_charts is correctly populated and that the script handles the case where there are no ignored charts appropriately.

hack/modules/create_git_repo.sh Outdated
echo " namespace: \"$namespace\""
echo "spec:"
echo " interval: 1m"
echo " url: https://github.com/aenix-io/cozystack"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider parameterizing the GitHub URL.

The GitHub URL is currently hardcoded to "https://github.com/aenix-io/cozystack". If this script is intended for general use, it might be beneficial to make this URL a parameter of the function.

Here's a suggested improvement:

  1. Add a new parameter to the function:
function create_git_repo() {
    local repo_name="$1"
    local namespace="$2"
    local branch="$3"
    local repo_url="$4"
  1. Update the parameter check and usage message:
if [[ -z "$repo_name" || -z "$namespace" || -z "$branch" || -z "$repo_url" ]]; then
    echo "Usage: create_git_repo <repo_name> <namespace> <branch> <repo_url>"
    return 1
fi
  1. Use the new parameter in the YAML generation:
echo "  url: $repo_url"

This change would make the script more flexible and reusable across different projects.

hack/modules/create_git_repo.sh Outdated

} > "$gitrepo_file"

kubectl apply -f "$gitrepo_file"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider adding error handling for the kubectl command.

The kubectl apply command is used correctly, but there's no error handling in case the command fails. Adding error handling would make the script more robust.

Here's a suggested improvement:

-    kubectl apply -f "$gitrepo_file"
+    if ! kubectl apply -f "$gitrepo_file"; then
+        echo "Error: Failed to apply GitRepository resource"
+        rm -f "$gitrepo_file"
+        return 1
+    fi

This change will catch any errors from the kubectl apply command, clean up the temporary file, and return an error code if the application fails.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
kubectl apply -f "$gitrepo_file"
if ! kubectl apply -f "$gitrepo_file"; then
echo "Error: Failed to apply GitRepository resource"
rm -f "$gitrepo_file"
return 1
fi

hack/modules/check_helmrelease_status.sh
Comment on lines +1 to +3
#!/bin/bash

source ./modules/colors.sh
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider using a more robust path for sourcing colors.sh

The current method of sourcing colors.sh assumes a specific directory structure, which might not be portable across different environments or when the script is called from different locations.

Consider using a more robust method to source the colors.sh file. Here's an example:

-source ./modules/colors.sh
+SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+source "${SCRIPT_DIR}/colors.sh"

This change ensures that the colors.sh file is sourced from the same directory as the current script, regardless of where it's called from.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
#!/bin/bash
source ./modules/colors.sh
#!/bin/bash
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
source "${SCRIPT_DIR}/colors.sh"

hack/modules/check_helmrelease_status.sh
Comment on lines +5 to +10
function check_helmrelease_status() {
local release_name="$1"
local namespace="$2"
local timeout=300 # Timeout in seconds
local interval=5 # Interval between checks in seconds
local elapsed=0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Consider making timeout and interval configurable

The timeout and interval values are currently hardcoded, which might limit the script's flexibility in different environments or for different releases.

Consider making these values configurable by accepting them as optional parameters with default values. Here's an example implementation:

 function check_helmrelease_status() {
     local release_name="$1"
     local namespace="$2"
-    local timeout=300  # Timeout in seconds
-    local interval=5   # Interval between checks in seconds
+    local timeout="${3:-300}"  # Timeout in seconds, default 300
+    local interval="${4:-5}"   # Interval between checks in seconds, default 5
     local elapsed=0

This change allows users to optionally specify custom timeout and interval values when calling the function, while maintaining the current defaults if not specified.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function check_helmrelease_status() {
local release_name="$1"
local namespace="$2"
local timeout=300 # Timeout in seconds
local interval=5 # Interval between checks in seconds
local elapsed=0
function check_helmrelease_status() {
local release_name="$1"
local namespace="$2"
local timeout="${3:-300}" # Timeout in seconds, default 300
local interval="${4:-5}" # Interval between checks in seconds, default 5
local elapsed=0

hack/modules/check_helmrelease_status.sh
Comment on lines +30 to +32
echo -e "${RED}Timeout reached. Helm release '$release_name' is still not ready after $timeout seconds.${RESET}"
exit 1
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Enhance timeout error message with more information

While the current timeout error message is clear, it could be more informative by including the last known status of the release.

Consider modifying the timeout error message to include the last known status of the release. Here's an example implementation:

-    echo -e "${RED}Timeout reached. Helm release '$release_name' is still not ready after $timeout seconds.${RESET}"
+    echo -e "${RED}Timeout reached. Helm release '$release_name' is still not ready after $timeout seconds.${RESET}"
+    echo -e "${RED}Last known status: $status_reason${RESET}"
+    echo -e "${RED}Last status message: $status_message${RESET}"
     exit 1

This change provides more context about the state of the release when the timeout occurs, which can be helpful for debugging and understanding why the release didn't become ready in time.

Committable suggestion was skipped due to low confidence.

hack/e2e.applications.sh Outdated
Comment on lines 12 to 27
function test() {
create_git_repo $GITREPO_NAME $FLUX_NS $BRANCH

install_tenant $TEST_TENANT $ROOT_NS $GITREPO_NAME $FLUX_NS
check_helmrelease_status $TEST_TENANT $ROOT_NS

install_all_apps "../packages/apps" "$TEST_TENANT" $GITREPO_NAME $FLUX_NS

if true; then
echo -e "${GREEN}All tests passed!${RESET}"
return 0
else
echo -e "${RED}Some tests failed!${RESET}"
return 1
fi
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Improve test function logic and error handling

The current implementation of the test function has several issues:

  1. It always returns success (0) regardless of the actual test results.
  2. The error case (lines 24-25) is unreachable due to the if true condition.
  3. There are no actual test assertions or checks for the installed applications.

Consider refactoring the function to include proper error handling and test assertions. Here's a suggested improvement:

 function test() {
-    create_git_repo $GITREPO_NAME $FLUX_NS $BRANCH
+    if ! create_git_repo $GITREPO_NAME $FLUX_NS $BRANCH; then
+        echo -e "${RED}Failed to create Git repository${RESET}"
+        return 1
+    fi

-    install_tenant $TEST_TENANT $ROOT_NS $GITREPO_NAME $FLUX_NS
-    check_helmrelease_status $TEST_TENANT $ROOT_NS
+    if ! install_tenant $TEST_TENANT $ROOT_NS $GITREPO_NAME $FLUX_NS; then
+        echo -e "${RED}Failed to install tenant${RESET}"
+        return 1
+    fi
+
+    if ! check_helmrelease_status $TEST_TENANT $ROOT_NS; then
+        echo -e "${RED}Helm release status check failed${RESET}"
+        return 1
+    fi

-    install_all_apps "../packages/apps" "$TEST_TENANT" $GITREPO_NAME $FLUX_NS
+    if ! install_all_apps "../packages/apps" "$TEST_TENANT" $GITREPO_NAME $FLUX_NS; then
+        echo -e "${RED}Failed to install all apps${RESET}"
+        return 1
+    fi

-    if true; then
-        echo -e "${GREEN}All tests passed!${RESET}"
-        return 0
-    else
-        echo -e "${RED}Some tests failed!${RESET}"
-        return 1
-    fi
+    # Add actual test assertions here
+    # For example:
+    # if ! check_app_status app1 $TEST_TENANT; then
+    #     echo -e "${RED}App1 status check failed${RESET}"
+    #     return 1
+    # fi
+
+    echo -e "${GREEN}All tests passed!${RESET}"
+    return 0
 }

This refactoring adds proper error handling and allows for the addition of specific test assertions for the installed applications.

Would you like assistance in implementing specific test assertions for the installed applications?

Committable suggestion was skipped due to low confidence.

hack/e2e.applications.sh Outdated
Comment on lines 1 to 10
for file in ./modules/*.sh; do
source "$file"
done

ROOT_NS="tenant-root"
TEST_TENANT="tenant-e2e"

FLUX_NS="cozy-fluxcd"
GITREPO_NAME="e2e-repo"
BRANCH="main"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

⚠️ Potential issue

Undefined clean function detected

The clean function is called in hack/e2e.applications.sh but its definition was not found in the codebase. Please ensure that the clean function is properly defined or included from the sourced modules to avoid runtime errors.

🔗 Analysis chain

Add shebang and improve script initialization

  1. Add a shebang at the beginning of the file to specify the interpreter.
  2. Consider adding a comment explaining the purpose of sourcing multiple modules.
  3. Add error handling for the case when modules are missing.

Here's a suggested improvement:

+#!/bin/bash
+set -euo pipefail
+
+# Source all modules required for this script
for file in ./modules/*.sh; do
+    if [[ ! -f "$file" ]]; then
+        echo "Error: Required module $file not found" >&2
+        exit 1
+    fi
    source "$file"
done

ROOT_NS="tenant-root"
TEST_TENANT="tenant-e2e"

FLUX_NS="cozy-fluxcd"
GITREPO_NAME="e2e-repo"
BRANCH="main"

To ensure all required modules are present, run:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if all required modules are present
if ! ls ./modules/*.sh >/dev/null 2>&1; then
    echo "Error: No modules found in ./modules/ directory"
    exit 1
fi
echo "All required modules are present"

Length of output: 261

Script:

#!/bin/bash
# Search for the definition of the 'clean' function in the codebase
ast-grep --lang bash --pattern $'function clean() { $$$ }'

Length of output: 404

Script:

#!/bin/bash
# Search for the definition of the 'clean' function in the codebase with flexible patterns
ast-grep --lang bash --pattern $'function clean { $$$ }' || \
ast-grep --lang bash --pattern $'clean() { $$$ }' || \
ast-grep --lang bash --pattern $'clean () { $$$ }'

Length of output: 402

🧰 Tools
🪛 Shellcheck

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

packages/apps/versions_map
Comment on lines +12 to +13
ferretdb 0.4.0 def2eb0f
ferretdb 0.4.1 HEAD
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Commit hash def2eb0f for ferretdb version 0.4.0 not found.

The specified commit hash def2eb0f for ferretdb version 0.4.0 does not exist in the repository. Please verify and update the commit hash accordingly.

🔗 Analysis chain

LGTM! Verify commit hashes for ferretdb versions.

The changes to the ferretdb package versions look good. Version 0.4.0 has been updated with a specific commit hash, and a new version 0.4.1 has been added pointing to HEAD.

To ensure the accuracy of these changes, please run the following script to verify the commit hashes:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify commit hashes for ferretdb versions

# Test: Check if the commit hash for version 0.4.0 exists
git rev-parse --quiet --verify def2eb0f

# Test: Check if HEAD is different from the 0.4.0 commit
if [ "$(git rev-parse HEAD)" != "$(git rev-parse def2eb0f)" ]; then
    echo "HEAD is different from 0.4.0 commit, which is correct."
else
    echo "Warning: HEAD is the same as 0.4.0 commit. Please verify if this is intended."
fi

Length of output: 462

hack/modules/install_all_apps.sh
fi

# Return the array of ignored charts
echo "${ignored_charts[@]}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Use 'printf' instead of 'echo' to safely handle array output

Using echo to output array elements can cause word splitting and globbing issues, especially if any chart names contain spaces or special characters. It's safer to use printf with a null character as a delimiter.

Modify the function to use printf:

-    echo "${ignored_charts[@]}"
+    printf '%s\0' "${ignored_charts[@]}"

This change ensures that the array elements are outputted correctly without unintended splitting.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
echo "${ignored_charts[@]}"
printf '%s\0' "${ignored_charts[@]}"

hack/modules/install_all_apps.sh Outdated
Comment on lines 58 to 61
install_helmrelease "$chart_name" "$namespace" "$chart_path" "$gitrepo_name" "$flux_ns"

echo "Checking status for HelmRelease: $chart_name"
check_helmrelease_status "$chart_name" "$namespace"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Missing sourcing of required scripts for functions

The install_all_apps.sh script does not source install_chart.sh and check_helmrelease_status.sh, which define the install_helmrelease and check_helmrelease_status functions. Ensure that these scripts are sourced before invoking the functions.

  • Add the following lines to install_all_apps.sh: 
    source ./hack/modules/install_chart.sh
source ./hack/modules/check_helmrelease_status.sh
🔗 Analysis chain

Check for the existence of required functions

The script calls install_helmrelease and check_helmrelease_status, but these functions are not defined within the provided code segment. Ensure that these functions are sourced or defined before they are called.

Run the following script to search for the definitions of these functions:

This script searches recursively for the definitions of install_helmrelease and check_helmrelease_status in the current directory.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify that required functions are defined in the codebase.

# Test: Search for the function definitions. Expect: Functions are defined.
grep -r -E 'function (install_helmrelease|check_helmrelease_status)\s*\(' .

Length of output: 223

Script:

#!/bin/bash
# Description: Verify that required scripts are sourced in install_all_apps.sh.

# Check if install_chart.sh is sourced
grep -E '^\s*(source|\.)\s+./hack/modules/install_chart\.sh' ./hack/modules/install_all_apps.sh

# Check if check_helmrelease_status.sh is sourced
grep -E '^\s*(source|\.)\s+./hack/modules/check_helmrelease_status\.sh' ./hack/modules/install_all_apps.sh

Length of output: 206

kvaps
kvaps requested changes Oct 18, 2024
View reviewed changes
Copy link
Member

@kvaps kvaps left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good for the benging, but I'd like to:

  1. get rid of external git repositories logic, and use charts directly from cozystack container, and pre-exising helmrepositories. I made a PR for this: Refactor e2e tests for applications klinch0/cozystack#1
  2. Simplify the logic, to have the structure like this:
.
├── e2e.sh
├── e2e.applications.sh
└── lib
    ├── check_helmrelease_status.sh
    ├── colors.sh
    ├── install_all_apps.sh
    ├── install_chart.sh
    └── install_tenant.sh

  1. Please remove ignored_charts, every application from cozystack-apps should be installed without troubles, if it is not - it is an error and should be fixed

  2. implement the mechanism for defining extra checks, eg. after application deployed we could add extra commands eg.

kubectl wait --for=jsonpath=.status.status=Completed clickhouseinstallations.clickhouse.altinity.com clickhouse-e2e
  1. let's remove resleases right after they get tested

hack/e2e.applications.sh Outdated
BRANCH="main"

function test() {
create_git_repo $GITREPO_NAME $FLUX_NS $BRANCH
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to omit this logic, sicne Cozystack approach different, we need to test charts which are packaged to cozystak image only.

We don't expect that user will install them from external repo.

hack/modules/check_helmrelease_status.sh
local interval=5 # Interval between checks in seconds
local elapsed=0

while [[ $elapsed -lt $timeout ]]; do
Copy link
Member

@kvaps kvaps Oct 18, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wouldn't it be simpler to use kubectl wait --for=condition=ready?

hack/e2e.applications.sh

install_all_apps "../packages/apps" "$TEST_TENANT" $GITREPO_NAME $FLUX_NS

if true; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will always be true, isn't that?

hack/e2e.applications.sh
function clean() {
kubectl delete gitrepository.source.toolkit.fluxcd.io $GITREPO_NAME -n $FLUX_NS
kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
if true; then
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will always be true, isn't that?

@klinch0
Merge pull request #1 from aenix-io/add-tests-refactor
fe80232 
Refactor e2e tests for applications
coderabbitai[bot]
coderabbitai bot reviewed Oct 18, 2024
View reviewed changes
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 11

🧹 Outside diff range and nitpick comments (5)
hack/pre-checks.sh (3)

8-8: Approved with a suggestion for improvement

The change from using grep to awk for version extraction is a good improvement. It makes the script more flexible by not relying on a specific version number format.

However, to make it even more robust, consider modifying the awk command to handle potential variations in the yq -V output:

current_version=$(yq -V | awk '/version/ {print $NF}')

This change will:

  1. Look for "version" anywhere in the line, not just as the second-to-last field.
  2. Still print the last field, which is likely to be the version number.

This modification will make the script more resilient to potential changes in the yq -V output format.

Line range hint 3-3: Consider using a configurable version variable

The YQ_VERSION is currently hardcoded. Consider making it more flexible by allowing it to be set via an environment variable with a default fallback:

YQ_VERSION="${YQ_VERSION:-v4.35.1}"

This change would allow users to easily override the version requirement if needed, while maintaining the current default.

Line range hint 7-21: Add a check for yq command existence

Before attempting to use yq, it's a good practice to check if the command exists. This can prevent unclear error messages if yq is not installed. Consider adding the following check at the beginning of the check-yq-version function:

check-yq-version() {
    if ! command -v yq &> /dev/null; then
        echo "Error: yq is not installed or not in the PATH" >&2
        exit 1
    }
    
    # Rest of the function...
}

This addition will provide a clear error message if yq is not available, improving the script's user-friendliness.

hack/modules/install_chart.sh (2)

5-26: Add validation for remaining parameters

The function correctly validates the first three parameters. However, it's recommended to add validation for the remaining parameters (repo_name, repo_ns, values_file) to ensure all required information is provided before proceeding with the HelmRelease creation.

Consider adding the following validation checks:

if [[ -z "$repo_name" ]]; then
    echo -e "${RED}Error: Repository name is required.${RESET}"
    exit 1
fi

if [[ -z "$repo_ns" ]]; then
    echo -e "${RED}Error: Repository namespace is required.${RESET}"
    exit 1
fi

# Optional check for values_file, as it's used conditionally later
if [[ -n "$values_file" && ! -f "$values_file" ]]; then
    echo -e "${RED}Error: Specified values file does not exist.${RESET}"
    exit 1
fi

30-55: LGTM: Well-structured HelmRelease YAML creation

The YAML creation for the HelmRelease is well-structured and includes all necessary fields. The conditional inclusion of values from a file is a good feature, and the indentation is handled correctly.

For improved readability, consider using a heredoc instead of multiple echo statements:

cat << EOF > "$helmrelease_file"
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  labels:
    cozystack.io/ui: "true"
  name: "$release_name"
  namespace: "$namespace"
spec:
  chart:
    spec:
      chart: "$chart_path"
      reconcileStrategy: Revision
      sourceRef:
        kind: HelmRepository
        name: "$repo_name"
        namespace: "$repo_ns"
      version: '*'
  interval: 1m0s
  timeout: 5m0s
EOF

if [[ -n "$values_file" && -f "$values_file" ]]; then
    echo "  values:" >> "$helmrelease_file"
    sed 's/^/    /' "$values_file" >> "$helmrelease_file"
fi

This approach can make the code more readable and easier to maintain.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e274032 and fe80232.

📒 Files selected for processing (5)
  • hack/e2e.applications.sh (1 hunks)
  • hack/modules/install_all_apps.sh (1 hunks)
  • hack/modules/install_chart.sh (1 hunks)
  • hack/modules/install_tenant.sh (1 hunks)
  • hack/pre-checks.sh (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
  • hack/modules/install_tenant.sh
🧰 Additional context used
🪛 Shellcheck
hack/e2e.applications.sh

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

hack/modules/install_all_apps.sh

[warning] 44-44: Prefer mapfile or read -a to split command output (or quote to avoid splitting).

(SC2207)

hack/modules/install_chart.sh

[warning] 28-28: Declare and assign separately to avoid masking return values.

(SC2155)

🔇 Additional comments (4)
hack/e2e.applications.sh (2)

5-6: LGTM: Clear and descriptive variable declarations

The variable declarations for ROOT_NS and TEST_TENANT are clear, descriptive, and appropriate for testing purposes.

34-47: 🛠️ Refactor suggestion

Improve main script logic to handle function return values

The main script logic correctly uses a case statement to handle command-line arguments. However, it doesn't capture or handle the return values from the test and clean functions.

Consider modifying the script to capture and handle the return values:

 case "$1" in
     test)
         echo -e "${YELLOW}Running tests...${RESET}"
-        test
+        if test; then
+            echo -e "${GREEN}Tests completed successfully${RESET}"
+            exit 0
+        else
+            echo -e "${RED}Tests failed${RESET}"
+            exit 1
+        fi
         ;;
     clean)
         echo -e "${YELLOW}Cleaning up...${RESET}"
-        clean
+        if clean; then
+            echo -e "${GREEN}Cleanup completed successfully${RESET}"
+            exit 0
+        else
+            echo -e "${RED}Cleanup failed${RESET}"
+            exit 1
+        fi
         ;;
     *)
         echo -e "${RED}Usage: $0 {test|clean}${RESET}"
         exit 1
         ;;
 esac

This modification ensures that the script's exit status reflects the success or failure of the test and clean operations, which is crucial for integration with CI/CD pipelines or other automated processes.

Likely invalid or redundant comment.

hack/modules/install_chart.sh (1)

1-4: LGTM: Proper script setup

The script starts with the correct shebang and sources a colors module, which is a good practice for consistent output styling.

hack/modules/install_all_apps.sh (1)

23-34: LGTM: Well-implemented function

The is_chart_ignored function is correctly implemented. It efficiently checks if a given chart name is in the list of ignored charts.

hack/e2e.applications.sh
Comment on lines +1 to +47
for file in ./modules/*.sh; do
source "$file"
done

ROOT_NS="tenant-root"
TEST_TENANT="tenant-e2e"

function test() {
install_tenant $TEST_TENANT $ROOT_NS
check_helmrelease_status $TEST_TENANT $ROOT_NS

install_all_apps "../packages/apps" "$TEST_TENANT" cozystack-apps cozy-public

if true; then
echo -e "${GREEN}All tests passed!${RESET}"
return 0
else
echo -e "${RED}Some tests failed!${RESET}"
return 1
fi
}

function clean() {
kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
if true; then
echo -e "${GREEN}Cleanup successful!${RESET}"
return 0
else
echo -e "${RED}Cleanup failed!${RESET}"
return 1
fi
}

case "$1" in
test)
echo -e "${YELLOW}Running tests...${RESET}"
test
;;
clean)
echo -e "${YELLOW}Cleaning up...${RESET}"
clean
;;
*)
echo -e "${RED}Usage: $0 {test|clean}${RESET}"
exit 1
;;
esac
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Enhance overall script structure and follow bash best practices

To improve the script's readability, maintainability, and robustness, consider the following suggestions:

  1. Add comments explaining the purpose of the script and its functions.
  2. Follow bash best practices, such as quoting variables.
  3. Add proper initialization and error handling for sourced modules.

Here's an example of how you could improve the script's structure:

#!/bin/bash
set -euo pipefail

# This script performs end-to-end testing and cleanup for applications
# in a Kubernetes environment using Cozystack.

# Source required modules
for file in ./modules/*.sh; do
    if [[ ! -f "$file" ]]; then
        echo "Error: Required module $file not found" >&2
        exit 1
    fi
    source "$file"
done

# Constants
ROOT_NS="tenant-root"
TEST_TENANT="tenant-e2e"

# Function to run tests
function test() {
    # ... (implementation with proper error handling)
}

# Function to clean up resources
function clean() {
    # ... (implementation with proper error handling)
}

# Main script logic
case "$1" in
    test)
        echo -e "${YELLOW}Running tests...${RESET}"
        if test; then
            echo -e "${GREEN}Tests completed successfully${RESET}"
            exit 0
        else
            echo -e "${RED}Tests failed${RESET}"
            exit 1
        fi
        ;;
    clean)
        echo -e "${YELLOW}Cleaning up...${RESET}"
        if clean; then
            echo -e "${GREEN}Cleanup completed successfully${RESET}"
            exit 0
        else
            echo -e "${RED}Cleanup failed${RESET}"
            exit 1
        fi
        ;;
    *)
        echo -e "${RED}Usage: $0 {test|clean}${RESET}"
        exit 1
        ;;
esac

These changes would significantly improve the script's structure, readability, and robustness.

🧰 Tools
🪛 Shellcheck

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

⚠️ Potential issue

Enhance script security

The script uses environment variables and executes kubectl commands with potentially user-supplied input, which could lead to security vulnerabilities if not properly handled.

Consider implementing the following security measures:

  1. Sanitize and validate all user inputs and environment variables before use.
  2. Use kubectl --namespace="$ROOT_NS" instead of -n $ROOT_NS to prevent potential command injection.
  3. Consider using Kubernetes RBAC to limit the permissions of the service account used by this script.

Example of input validation:

function validate_namespace() {
    local ns="$1"
    if [[ ! "$ns" =~ ^[a-z0-9]([-a-z0-9]*[a-z0-9])?$ ]]; then
        echo "Invalid namespace: $ns" >&2
        return 1
    fi
}

# Usage
if ! validate_namespace "$ROOT_NS"; then
    exit 1
fi

Implement similar validation for other user inputs and environment variables to enhance the script's security.

🧰 Tools
🪛 Shellcheck

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

hack/e2e.applications.sh
Comment on lines +1 to +3
for file in ./modules/*.sh; do
source "$file"
done
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Improve script initialization and error handling

Consider the following improvements:

  1. Add a shebang line at the beginning of the script.
  2. Implement error handling for missing modules.
  3. Set shell options for better error detection.

Here's a suggested improvement:

+#!/bin/bash
+set -euo pipefail
+
+# Source all modules required for this script
 for file in ./modules/*.sh; do
+    if [[ ! -f "$file" ]]; then
+        echo "Error: Required module $file not found" >&2
+        exit 1
+    fi
     source "$file"
 done

This change addresses the static analysis warning about the missing shebang and improves overall script robustness.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
for file in ./modules/*.sh; do
source "$file"
done
#!/bin/bash
set -euo pipefail
# Source all modules required for this script
for file in ./modules/*.sh; do
if [[ ! -f "$file" ]]; then
echo "Error: Required module $file not found" >&2
exit 1
fi
source "$file"
done
🧰 Tools
🪛 Shellcheck

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

[warning] 2-2: ShellCheck can't follow non-constant source. Use a directive to specify location.

(SC1090)

hack/e2e.applications.sh
Comment on lines +23 to +32
function clean() {
kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
if true; then
echo -e "${GREEN}Cleanup successful!${RESET}"
return 0
else
echo -e "${RED}Cleanup failed!${RESET}"
return 1
fi
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Improve clean function logic and error handling

The clean function has similar issues to the test function:

  1. It always reports success regardless of the actual cleanup result.
  2. The error case (lines 29-31) is unreachable due to the if true condition.
  3. There's no error handling for the kubectl delete command.

Consider refactoring the function to include proper error handling. Here's a suggested improvement:

 function clean() {
-    kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
-    if true; then
+    if kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS; then
         echo -e "${GREEN}Cleanup successful!${RESET}"
         return 0
     else
         echo -e "${RED}Cleanup failed!${RESET}"
         return 1
     fi
 }

This refactoring adds proper error handling for the cleanup operation.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function clean() {
kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS
if true; then
echo -e "${GREEN}Cleanup successful!${RESET}"
return 0
else
echo -e "${RED}Cleanup failed!${RESET}"
return 1
fi
}
function clean() {
if kubectl delete helmrelease.helm.toolkit.fluxcd.io $TEST_TENANT -n $ROOT_NS; then
echo -e "${GREEN}Cleanup successful!${RESET}"
return 0
else
echo -e "${RED}Cleanup failed!${RESET}"
return 1
fi
}

hack/e2e.applications.sh
Comment on lines +8 to +21
function test() {
install_tenant $TEST_TENANT $ROOT_NS
check_helmrelease_status $TEST_TENANT $ROOT_NS

install_all_apps "../packages/apps" "$TEST_TENANT" cozystack-apps cozy-public

if true; then
echo -e "${GREEN}All tests passed!${RESET}"
return 0
else
echo -e "${RED}Some tests failed!${RESET}"
return 1
fi
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Improve test function logic and error handling

The current implementation of the test function has several issues:

  1. It always reports success regardless of the actual test results.
  2. The error case (lines 17-20) is unreachable due to the if true condition.
  3. There are no actual test assertions or checks for the installed applications.

Consider refactoring the function to include proper error handling and test assertions. Here's a suggested improvement:

 function test() {
-    install_tenant $TEST_TENANT $ROOT_NS
-    check_helmrelease_status $TEST_TENANT $ROOT_NS
+    if ! install_tenant $TEST_TENANT $ROOT_NS; then
+        echo -e "${RED}Failed to install tenant${RESET}"
+        return 1
+    fi
+
+    if ! check_helmrelease_status $TEST_TENANT $ROOT_NS; then
+        echo -e "${RED}Helm release status check failed${RESET}"
+        return 1
+    fi

-    install_all_apps "../packages/apps" "$TEST_TENANT" cozystack-apps cozy-public
+    if ! install_all_apps "../packages/apps" "$TEST_TENANT" cozystack-apps cozy-public; then
+        echo -e "${RED}Failed to install all apps${RESET}"
+        return 1
+    fi

-    if true; then
-        echo -e "${GREEN}All tests passed!${RESET}"
-        return 0
-    else
-        echo -e "${RED}Some tests failed!${RESET}"
-        return 1
-    fi
+    # Add actual test assertions here
+    # For example:
+    # if ! check_app_status app1 $TEST_TENANT; then
+    #     echo -e "${RED}App1 status check failed${RESET}"
+    #     return 1
+    # fi
+
+    echo -e "${GREEN}All tests passed!${RESET}"
+    return 0
 }

This refactoring adds proper error handling and allows for the addition of specific test assertions for the installed applications.

Committable suggestion was skipped due to low confidence.

hack/modules/install_chart.sh
Comment on lines +28 to +29
local helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Separate variable declaration and assignment for error handling

To improve error handling and follow best practices, it's recommended to separate the declaration and assignment of the helmrelease_file variable. This allows for checking if mktemp succeeded and handling any potential errors.

Apply this change to address the issue:

-local helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)
+local helmrelease_file
+helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)
+if [[ $? -ne 0 ]]; then
+    echo -e "${RED}Error: Failed to create temporary file.${RESET}"
+    exit 1
+fi

This change allows you to check if mktemp succeeded and handle the error appropriately.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
local helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)
local helmrelease_file
helmrelease_file=$(mktemp /tmp/HelmRelease.XXXXXX.yaml)
if [[ $? -ne 0 ]]; then
echo -e "${RED}Error: Failed to create temporary file.${RESET}"
exit 1
fi
🧰 Tools
🪛 Shellcheck

[warning] 28-28: Declare and assign separately to avoid masking return values.

(SC2155)

hack/modules/install_chart.sh
Comment on lines +57 to +60
kubectl apply -f "$helmrelease_file"

rm -f "$helmrelease_file"
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add error handling for kubectl command

While the YAML application and cleanup are correctly implemented, it's important to handle potential errors when applying the YAML with kubectl.

Implement error handling for the kubectl command as follows:

-kubectl apply -f "$helmrelease_file"
+if ! kubectl apply -f "$helmrelease_file"; then
+    echo -e "${RED}Error: Failed to apply HelmRelease.${RESET}"
+    rm -f "$helmrelease_file"
+    exit 1
+fi

rm -f "$helmrelease_file"

This change ensures that any errors during the kubectl apply operation are caught and reported, providing better feedback to the user and maintaining the script's robustness.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
kubectl apply -f "$helmrelease_file"
rm -f "$helmrelease_file"
}
if ! kubectl apply -f "$helmrelease_file"; then
echo -e "${RED}Error: Failed to apply HelmRelease.${RESET}"
rm -f "$helmrelease_file"
exit 1
fi
rm -f "$helmrelease_file"
}

hack/modules/install_all_apps.sh
Comment on lines +1 to +3
#!/bin/bash

source ./modules/colors.sh
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add sourcing for required scripts

The script is missing the sourcing of required scripts for install_helmrelease and check_helmrelease_status functions. Add the following lines after sourcing the colors module:

source ./hack/modules/install_chart.sh
source ./hack/modules/check_helmrelease_status.sh

This ensures that all required functions are available before they are called in the script.

hack/modules/install_all_apps.sh

local ignore_file="./modules/ignored_charts"
local ignored_charts
ignored_charts=($(load_ignored_charts "$ignore_file"))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Use 'mapfile' for safer array assignment

To safely read the array elements and avoid potential word splitting issues, use mapfile with process substitution:

-    ignored_charts=($(load_ignored_charts "$ignore_file"))
+    mapfile -d '' -t ignored_charts < <(load_ignored_charts "$ignore_file")

This change reads the null-delimited output from load_ignored_charts into the ignored_charts array safely.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
ignored_charts=($(load_ignored_charts "$ignore_file"))
mapfile -d '' -t ignored_charts < <(load_ignored_charts "$ignore_file")
🧰 Tools
🪛 Shellcheck

[warning] 44-44: Prefer mapfile or read -a to split command output (or quote to avoid splitting).

(SC2207)

hack/modules/install_all_apps.sh
Comment on lines +58 to +61
install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"

echo "Checking status for HelmRelease: $release_name"
check_helmrelease_status "$release_name" "$namespace"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Add error handling for external function calls

Add error handling for the install_helmrelease and check_helmrelease_status function calls to ensure the script can handle potential failures gracefully:

 echo "Installing release: $release_name"
-install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"
+if ! install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"; then
+    echo "Failed to install release: $release_name"
+    continue
+fi

 echo "Checking status for HelmRelease: $release_name"
-check_helmrelease_status "$release_name" "$namespace"
+if ! check_helmrelease_status "$release_name" "$namespace"; then
+    echo "HelmRelease status check failed for: $release_name"
+fi

This change ensures that the script continues to the next chart if installation fails and reports any status check failures.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"
echo "Checking status for HelmRelease: $release_name"
check_helmrelease_status "$release_name" "$namespace"
echo "Installing release: $release_name"
if ! install_helmrelease "$release_name" "$namespace" "$chart_name" "$repo_name" "$repo_ns"; then
echo "Failed to install release: $release_name"
continue
fi
echo "Checking status for HelmRelease: $release_name"
if ! check_helmrelease_status "$release_name" "$namespace"; then
echo "HelmRelease status check failed for: $release_name"
fi

hack/modules/install_all_apps.sh
Comment on lines +6 to +20
function load_ignored_charts() {
local ignore_file="$1"
local ignored_charts=()

if [[ -f "$ignore_file" ]]; then
while IFS= read -r chart; do
ignored_charts+=("$chart")
done < "$ignore_file"
else
echo "Ignore file not found: $ignore_file"
fi

# Return the array of ignored charts
echo "${ignored_charts[@]}"
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Use 'printf' for safer array output

To safely handle array output, especially when chart names might contain spaces or special characters, replace the echo command with printf:

-    echo "${ignored_charts[@]}"
+    printf '%s\0' "${ignored_charts[@]}"

This change ensures that array elements are outputted correctly without unintended splitting.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
function load_ignored_charts() {
local ignore_file="$1"
local ignored_charts=()
if [[ -f "$ignore_file" ]]; then
while IFS= read -r chart; do
ignored_charts+=("$chart")
done < "$ignore_file"
else
echo "Ignore file not found: $ignore_file"
fi
# Return the array of ignored charts
echo "${ignored_charts[@]}"
}
function load_ignored_charts() {
local ignore_file="$1"
local ignored_charts=()
if [[ -f "$ignore_file" ]]; then
while IFS= read -r chart; do
ignored_charts+=("$chart")
done < "$ignore_file"
else
echo "Ignore file not found: $ignore_file"
fi
# Return the array of ignored charts
printf '%s\0' "${ignored_charts[@]}"
}

This was referenced Oct 21, 2024
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@kvaps kvaps kvaps requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@klinch0 @kvaps