Skip to content

HYPERFLEET-1202 - feat: add subnets field to ClusterPlatform model#11

Merged
openshift-merge-bot[bot] merged 1 commit into
openshift-hyperfleet:mainfrom
rafabene:HYPERFLEET-1202-add-subnets-to-cluster-platform
Jul 2, 2026
Merged

HYPERFLEET-1202 - feat: add subnets field to ClusterPlatform model#11
openshift-merge-bot[bot] merged 1 commit into
openshift-hyperfleet:mainfrom
rafabene:HYPERFLEET-1202-add-subnets-to-cluster-platform

Conversation

@rafabene

@rafabene rafabene commented Jul 2, 2026

Copy link
Copy Markdown
Member

Summary

  • Add SubnetSpec model with id, name, cidr, role fields
  • Add optional subnets array to ClusterPlatform
  • Required by E2E tests that validate Maestro adapter Go template rendering of {{ range .subnets }} in ManifestWork ConfigMaps

Test plan

  • TypeSpec compiles successfully
  • Schema generated and committed
  • E2E Maestro transport tests pass with subnets in cluster payload

@openshift-ci openshift-ci Bot requested review from pnguyen44 and rh-amarin July 2, 2026 16:29
@coderabbitai

coderabbitai Bot commented Jul 2, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 1200ead0-4806-4233-ae1e-95de352215c4

📥 Commits

Reviewing files that changed from the base of the PR and between effba5f and c414e68.

📒 Files selected for processing (7)
  • CHANGELOG.md
  • main.tsp
  • models/cluster/example_cluster.tsp
  • models/cluster/example_post.tsp
  • models/cluster/model.tsp
  • schemas/template/openapi.yaml
  • schemas/template/swagger.yaml
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

  • openshift-hyperfleet/architecture (manual)
  • openshift-hyperfleet/hyperfleet-api (manual)
  • openshift-hyperfleet/hyperfleet-sentinel (manual)
  • openshift-hyperfleet/hyperfleet-adapter (manual)
  • openshift-hyperfleet/hyperfleet-broker (manual)
✅ Files skipped from review due to trivial changes (3)
  • main.tsp
  • models/cluster/example_cluster.tsp
  • CHANGELOG.md
🚧 Files skipped from review as they are similar to previous changes (3)
  • models/cluster/model.tsp
  • schemas/template/swagger.yaml
  • schemas/template/openapi.yaml

📝 Walkthrough

Summary by CodeRabbit

  • New Features
    • Added support for configuring multiple subnets on cluster platforms, including subnet ID, name, CIDR, and role.
  • Documentation
    • Updated API documentation and examples to version 1.0.27.
    • Added OpenAPI/Swagger schema entries for the new subnet configuration (SubnetSpec and subnets field).

Walkthrough

Changes

ClusterPlatform now uses subnets?: SubnetSpec[] instead of a single subnet?: string. SubnetSpec defines id, name, cidr, and role. The OpenAPI and Swagger documents add the same schema changes, update cluster examples to include two subnet entries, and bump info.version to 1.0.27. main.tsp and CHANGELOG.md are updated to the same release version.

Estimated code review effort: 2 (Simple) | ~10 minutes

Security Notes

  • Schema shape changed from scalar to array/object; no visible CIDR validation or role enum enforcement in the diff. CWE-20 applies if downstream consumers trust these fields without validation.
  • No authN/authZ, transport, or dependency surface changes are present in the diff.
  • Version strings are aligned across TypeSpec, OpenAPI, Swagger, and changelog.
🚥 Pre-merge checks | ✅ 11
✅ Passed checks (11 passed)
Check name Status Explanation
Title check ✅ Passed The title directly names the main change: adding subnets to ClusterPlatform.
Description check ✅ Passed The description matches the implemented changes and the stated E2E test motivation.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output ✅ Passed PASS: no non-test/example log statements with token/password/credential/secret found; CWE-532 not triggered.
No Hardcoded Secrets ✅ Passed No hardcoded creds, embedded-credential URLs, or secret-like literals found in the changed files; only non-sensitive example subnet data (CWE-798/CWE-522).
No Weak Cryptography ✅ Passed No banned crypto primitives or secret comparisons appear in the patch; only spec/example/version updates, so no CWE-327/208 finding.
No Injection Vectors ✅ Passed No CWE-89/78/79/502 patterns found; touched files only add schemas and hardcoded example data, not user-controlled sinks.
No Privileged Containers ✅ Passed Changed files are TypeSpec/YAML schemas only; no privileged:true, hostNetwork/hostPID/hostIPC, SYS_ADMIN, allowPrivilegeEscalation, or root-user settings found.
No Pii Or Sensitive Data In Logs ✅ Passed PASS: diff only changes TypeSpec/YAML/examples; no slog/logr/zap/fmt.Print/console logs or payload logs found, so no CWE-532 exposure.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
✨ Simplify code
  • Create PR with simplified code

Comment @coderabbitai help to get the list of available commands.

Add SubnetSpec model and optional subnets array to ClusterPlatform
to support subnet configuration in cluster platform spec. Required by
E2E tests that validate Maestro Go template rendering of subnet data
in ManifestWork ConfigMaps.
@rafabene rafabene force-pushed the HYPERFLEET-1202-add-subnets-to-cluster-platform branch from effba5f to c414e68 Compare July 2, 2026 16:33

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@models/cluster/model.tsp`:
- Around line 14-19: The SubnetSpec model currently accepts unchecked cidr and
role strings, so add schema-level validation in SubnetSpec to constrain cidr to
valid CIDR notation and replace role with a closed enum like the other typed
fields in this schema. Update the SubnetSpec definition so invalid subnet data
is rejected at the boundary before it reaches Maestro template rendering, and
keep the fix localized to the SubnetSpec type and any related role definitions
it references.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Central YAML (base), Organization UI (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 558bd5eb-273b-4ee5-83e5-d86446a25be8

📥 Commits

Reviewing files that changed from the base of the PR and between 1f869c2 and effba5f.

📒 Files selected for processing (5)
  • CHANGELOG.md
  • main.tsp
  • models/cluster/model.tsp
  • schemas/template/openapi.yaml
  • schemas/template/swagger.yaml
🔗 Linked repositories identified

CodeRabbit considers these linked repositories for cross-repo context during reviews:

  • openshift-hyperfleet/architecture (manual)
  • openshift-hyperfleet/hyperfleet-api (manual)
  • openshift-hyperfleet/hyperfleet-sentinel (manual)
  • openshift-hyperfleet/hyperfleet-adapter (manual)
  • openshift-hyperfleet/hyperfleet-broker (manual)

Comment thread models/cluster/model.tsp
@ma-hill

ma-hill commented Jul 2, 2026

Copy link
Copy Markdown

/lgtm

@openshift-ci

openshift-ci Bot commented Jul 2, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ma-hill

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved label Jul 2, 2026
@openshift-merge-bot openshift-merge-bot Bot merged commit eea18da into openshift-hyperfleet:main Jul 2, 2026
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants