Skip to content

HYPERFLEET-1202 - feat: add Go module support for downstream consumption#10

Closed
rafabene wants to merge 1 commit into
openshift-hyperfleet:mainfrom
rafabene:HYPERFLEET-1202-add-go-module
Closed

HYPERFLEET-1202 - feat: add Go module support for downstream consumption#10
rafabene wants to merge 1 commit into
openshift-hyperfleet:mainfrom
rafabene:HYPERFLEET-1202-add-go-module

Conversation

@rafabene

@rafabene rafabene commented Jul 1, 2026

Copy link
Copy Markdown
Member

Summary

  • Add go.mod declaring github.com/openshift-hyperfleet/hyperfleet-api-spec-template as a Go module
  • Add schemas/schemas.go exposing template/openapi.yaml via embed.FS
  • Mirrors the pattern already used by hyperfleet-api-spec for downstream Go consumers

This enables the E2E repo to import the template spec as a Go dependency and generate a typed HTTP client from the partner contract (Clusters, NodePools, Channels, Versions, WifConfigs).

Test plan

  • go build ./schemas/ compiles successfully
  • Embedded filesystem correctly exposes template/openapi.yaml

@openshift-ci

openshift-ci Bot commented Jul 1, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ciaranroche for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot requested review from rh-amarin and sherine-k July 1, 2026 14:40
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: b3f897e0-9d6e-498c-873e-7e229a46928b

📥 Commits

Reviewing files that changed from the base of the PR and between 1f869c2 and bbc5c0e.

📒 Files selected for processing (2)
  • go.mod
  • schemas/schemas.go
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

  • openshift-hyperfleet/architecture (manual)
  • openshift-hyperfleet/hyperfleet-api (manual)
  • openshift-hyperfleet/hyperfleet-sentinel (manual)
  • openshift-hyperfleet/hyperfleet-adapter (manual)
  • openshift-hyperfleet/hyperfleet-broker (manual)

📝 Walkthrough

Summary by CodeRabbit

  • New Features
    • Added bundled API schema assets for easier access to the latest OpenAPI definition.
  • Chores
    • Updated the Go toolchain version used by the project.

Walkthrough

go.mod toolchain version updated to go 1.25.0. New package schemas/schemas.go added, embedding template/openapi.yaml into an exported embed.FS variable named FS via a //go:embed directive.

Estimated code review effort: 1 (Trivial) | ~5 minutes

Security Notes

  • go.mod: toolchain bump to go 1.25.0 — verify this version is pinned/reproducible and matches CI build image; unpinned toolchain directives can enable supply-chain drift (CWE-1104 use of unmaintained/uncontrolled dependency versioning).
  • schemas/schemas.go: //go:embed pulls template/openapi.yaml into the binary at build time. Confirm openapi.yaml provenance and that it's not writable by untrusted build steps — embedded content becomes part of the compiled artifact with no runtime validation (CWE-706 use of incorrectly-resolved name/path if template path is ever dynamic).
  • No exported API surface changes beyond FS; no auth/crypto/IO logic touched in this diff.

Suggested reviewers: platform-api-maintainers

🚥 Pre-merge checks | ✅ 11
✅ Passed checks (11 passed)
Check name Status Explanation
Title check ✅ Passed Matches the change: it describes adding Go module support for downstream consumers, aligned with go.mod and the embedded schema export.
Description check ✅ Passed Directly describes the module addition and embedded OpenAPI exposure; it is clearly related to the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output ✅ Passed No log statements found in non-test/example Go files; schemas/schemas.go only embeds openapi.yaml, so no CWE-532 secret-in-log exposure.
No Hardcoded Secrets ✅ Passed No hardcoded secrets in changed files: only module metadata and embed.FS, with no credential literals, creds-in-URL, or long base64 strings (CWE-798/259).
No Weak Cryptography ✅ Passed No banned crypto primitives, ECB, custom crypto, or secret comparisons were added; only go.mod and embed.FS. CWE-327/CWE-208 not triggered.
No Injection Vectors ✅ Passed No CWE-89/78/79/502 patterns in the added go.mod or embed.FS wrapper; no SQL concat, exec.Command, template.HTML, or yaml.Unmarshal on untrusted input.
No Privileged Containers ✅ Passed Only go.mod and schemas/schemas.go changed; no manifests/Dockerfiles, and repo scan found no privileged settings (CWE-269/CWE-732).
No Pii Or Sensitive Data In Logs ✅ Passed No logging statements were added; only go.mod and an embed.FS declaration, so no CWE-532/PII exposure path is present.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
✨ Simplify code
  • Create PR with simplified code

Comment @coderabbitai help to get the list of available commands.

Expose the generated template OpenAPI schema as an embedded filesystem
so Go services can import this module and read schemas/template/openapi.yaml
without vendoring local copies. Mirrors the pattern used by hyperfleet-api-spec.
@rafabene rafabene force-pushed the HYPERFLEET-1202-add-go-module branch from bbc5c0e to 6e207b4 Compare July 1, 2026 14:54
@rafabene

rafabene commented Jul 1, 2026

Copy link
Copy Markdown
Member Author

Closing in favor of downloading openapi.yaml directly from releases. Spec repos should remain language-agnostic — consumers generate their own clients.

@rafabene rafabene closed this Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant