* Docs(KEP): Go SDK for X-Definition Authoring (defkit)
Introduces KEP proposal for defkit, a Go SDK that enables platform
engineers to author X-Definitions using native Go code instead of CUE.
Key proposed features:
- Fluent builder API for Component, Trait, Policy, and WorkflowStep definitions
- Transparent Go-to-CUE compilation
- IDE support with autocomplete and type checking
- Schema-agnostic resource construction
- Collection operations (map, filter, dedupe)
- Composable health and status expressions
- Addon integration with godef/ folder support
- Module dependencies for definition sharing via go get
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(KEP): Examples and minor api changes given in the document
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(KEP): align defkit examples
- Fix golang version in CI
- Fix variable declaration in example for testing
- Add Is() comparison method to status check
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add security considerations section
- Add goal #7 for secure code execution model
- Add Security Considerations section covering:
- Code execution model (compile-time only, not runtime)
- Security benefits over CUE (static analysis, dependency scanning)
- Threat model with mitigations
Addresses PR feedback about code execution safety.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add module versioning and definition placement sections
- Add Module Versioning section explaining git-based version derivation
- Add Definition Placement section covering:
- Motivation for placement constraints in multi-cluster environments
- Fluent API for placement (RunOn, NotRunOn, label conditions)
- Logical combinators (And, Or, Not)
- Module-level placement defaults
- Placement evaluation logic
- CLI experience for managing cluster labels
- Add Module Hooks section for lifecycle callbacks
- Minor fixes and clarifications throughout
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): add module hooks and update addon integration sections
- Add Module Hooks section covering:
- Use cases (CRD installation, setup scripts, post-install samples)
- Hook configuration in module.yaml (pre-apply, post-apply)
- Hook types (path for manifests, script for shell scripts)
- waitFor field with condition names and CUE expressions
- CLI usage (--skip-hooks, --dry-run)
- Update Addon Integration section with implementation details:
- godef/ folder structure with module.yaml
- CLI flags (--godef, --components, --traits, --policies, --workflowsteps)
- Conflict detection and --override-definitions flag
- Development workflow
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): address PR review comments and clarify placement labels
- Fix misleading "Sandboxed Compilation" claim (cubic-ai feedback) -
renamed to "Isolated Compilation" and clarified that security relies
on trust model, not technical sandboxing
- Fix inconsistent apiVersion in module hooks example (defkit.oam.dev/v1
→ core.oam.dev/v1beta1)
- Clarify that placement uses vela-cluster-identity ConfigMap directly,
not the vela cluster labels command (which is planned for future)
- Add --stats flag to apply-module CLI documentation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(KEP): fix API documentation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add core fluent API types for Go-based definitions
Introduce the defkit package providing a fluent Go API for defining
KubeVela X-Definitions (components, traits, policies, workflow steps).
Core types added:
- types.go: Value, Condition, Param interfaces
- base.go: Base definition types and interfaces
- param.go: Parameter builders (String, Int, Bool, Array, Map, Struct, Enum)
- expr.go: Expression builders for conditions and comparisons
- resource.go: Resource operations (Set, SetIf, Spread)
- context.go: KubeVela context references (appName, namespace, etc.)
- test_context.go: Test utilities for definition validation
This enables writing type-safe Go definitions that compile to CUE.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add collection operations and helper builders
Add fluent API for array/collection transformations:
- CollectionOp with Filter, Map, Pick, Wrap, Dedupe operations
- From() and Each() entry points for collection pipelines
- FieldRef, FieldEquals, FieldMap for field-level operations
- MultiSource for complex multi-array comprehensions
- Add helper builders for template variables
- Add value transformation utilities
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add CUE code generator
Implement CUEGenerator that transforms Go definitions into CUE code
Added helper methods and writers for conversion
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add status and health policy builders
Add fluent builders for customStatus and healthPolicy CUE generation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add definition type builders
Add fluent builders for all four KubeVela X-Definition types:
- ComponentDefinition
- TraitDefinition
- PolicyDefinition
- WorkflowStepDefinition
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(goloader): add Go module loader for definitions
- Definition interface and registry for runtime discovery
- Discover and parse Go-based definition files
- Compile Go definitions to CUE at runtime
- Module environment for batch processing
- Parallel generation for better performance
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(cli): add vela def commands for Go-based definitions
- init-module: scaffold a new Go definition module
- apply-module: compile and apply definitions to cluster
- list-module: show definitions in a module
- validate-module: validate definitions without applying
- Also support the cue commands for xdefintions for go code
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add testing utilities and matchers
- CUE comparison matchers for Ginkgo/Gomega tests
- Test helpers for definition validation
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add patch container helpers for container mod operations
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): update the go module to 1.23.8 for defkit init-module command
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Refactor: Add grouped help output for vela def command
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add definition placement for cluster-aware deployments
Enable definitions to specify which clusters they should run on based on
cluster identity labels stored in a well-known ConfigMap.
Also derives module version from git tags and improves init-module to
create directories from --name flag.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add RunOn/NotRunOn fluent API for placement constraints
Add placement methods to all definition builders allowing definitions
to specify cluster eligibility using the placement package's fluent API.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Docs(defkit): add commented placement example to module.yaml template
Show users the placement syntax in generated module.yaml without
setting actual values.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add module-level placement support
Add placement constraints at the module level in module.yaml that
apply to all definitions unless overridden at definition level.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add CLI placement enforcement in apply-module
Add placement constraint checking to `vela def apply-module` command.
Definitions are skipped if cluster labels don't match module placement.
- Add --ignore-placement flag to bypass placement checks
- Display placement status during apply with clear skip reasons
- Track placement-skipped count in summary output
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): show all flags in subcommand help output
Fix custom help function to properly display flags for def subcommands
like init-module and apply-module instead of only showing parent flags.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): apply name prefix to definitions in apply-module
The --prefix flag was not being applied to definition names. The prefix
was set in module loader metadata but not used when creating Kubernetes
objects from parsed CUE.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore(defkit): align module command help with standard vela pattern
Remove argument placeholders from command Use field to align with
other vela commands (addon, cluster, workflow). Arguments are shown
in examples and individual --help output instead of the listing.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(goloader): use json.Unmarshal for go mod download output
The downloadGoModule function parses JSON output from 'go mod download -json'
but was incorrectly using yaml.Unmarshal with json struct tags. The yaml.v3
library ignores json tags, resulting in empty field values.
This would cause remote Go module loading (e.g., github.com/foo/bar@v1.0.0)
to fail with "go mod download did not return a directory" because result.Dir
would be empty.
Fix: Use json.Unmarshal instead since the data is JSON from the Go toolchain.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(goloader): use semver for MinVelaVersion comparison
String comparison of version numbers is incorrect for cases like
"v1.10.0" > "v1.9.0" which returns false due to lexicographic ordering.
Use the Masterminds/semver library (already a dependency) for proper
semantic version comparison in ValidateModule().
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(placement): validate operator in module placement conditions
Add validation to catch invalid placement operators at module load time
instead of silently failing at runtime evaluation.
- Add Operator.IsValid() method to check for valid operators
- Add ValidOperators() helper function
- Add validatePlacementConditions() in ValidateModule()
- Provides clear error message with valid operator list
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): validate conflict strategy in apply-module
Invalid --conflict values like "invalid" were silently accepted and
would fall through the switch statement, behaving like "overwrite".
Add ConflictStrategy.IsValid() method and validation at flag parsing
to provide clear error message for invalid values.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(placement): support definition-level placement constraints
Previously only module-level placement was enforced. Now individual
definitions can specify their own placement constraints that override
module defaults.
Changes:
- Add Placement field to DefinitionInfo and DefinitionPlacement types
- Add GetPlacement/HasPlacement to Definition interface
- Update registry ToJSON to include placement in output
- Update goloader to capture definition placement from registry
- Update CLI apply-module to use GetEffectivePlacement() for combining
module-level and definition-level placement
- Add comprehensive tests for definition placement
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore(defkit): remove dead PatchTemplate code
PatchTemplate, PatchOp, SetPatchOp, and SetIfPatchOp were defined but
never used anywhere in the codebase. The PatchResource type already
provides the same functionality and is the one actually being used
through Template.Patch().
Removed:
- PatchTemplate struct and its methods (ToCue, SetIf, Set)
- PatchOp interface
- SetPatchOp struct and its ToCue method
- SetIfPatchOp struct and its ToCue method
- NewPatchTemplate constructor
This cleanup reduces maintenance burden without affecting any
functionality.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(cli): pass actual VelaVersion to validate-module command
The help text for `vela def validate-module` promised to check
minVelaVersion requirements but ValidateModule() was called with
an empty string, causing the check to be silently skipped.
Now passes velaversion.VelaVersion so modules specifying a minimum
KubeVela version will be properly validated against the current CLI
version.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): implement WithDetails() and FromTyped() APIs
WithDetails():
- Adds WithDetails(message, details...) method to StatusBuilder
- Allows adding structured key-value details alongside status messages
- Uses existing StatusDetail and statusWithDetailsExpr infrastructure
- Example: s.WithDetails(s.Format("Ready: %v", ...), s.Detail("endpoint", ...))
FromTyped():
- Converts typed Kubernetes objects (runtime.Object) to Resource
- Provides compile-time type safety for building resources
- Requires TypeMeta to be set on the object
- Includes MustFromTyped() variant that panics on error
- Example: defkit.FromTyped(&appsv1.Deployment{...})
Both APIs were documented in the KEP but not implemented.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Style(defkit): apply gofmt formatting
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): fix remote module download with @latest version
When downloading a Go module without an explicit version, always append
@latest to ensure go mod download fetches from the remote repository
instead of skipping the download.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): support running def commands from any directory
Previously, module commands like `vela def list-module` only worked
when run from within the kubevela repository. Now they work from any
directory by honoring replace directives in the source module's go.mod.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): generate doc.go files in init-module
Create doc.go files with package documentation in each definition
directory (components, traits, policies, workflowsteps). This ensures
go mod tidy works correctly by making each directory a valid Go package,
and provides helpful examples for users creating new definitions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): deduplicate definitions from overlapping directory scans
The module loader scans both conventional directories (components/,
traits/, etc.) and the root directory. Since DiscoverDefinitions uses
recursive filepath.Walk, files in subdirectories were found twice.
Added file tracking to skip already-processed files.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(defkit): validate placement constraints and fix GOWORK interference
Add validation for conflicting placement constraints at registration time.
Definitions with logically impossible placement (e.g., same condition in
both RunOn and NotRunOn) now fail fast with a clear error message.
Also fix placement loading when parent directories contain go.work files
by setting GOWORK=off when running the registry generator.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add parameter schema constraints and runtime condition methods
Extend the parameter fluent API with comprehensive validation and
conditional logic support:
- Schema constraints for input validation (Min/Max, Pattern, MinLen/MaxLen, MinItems/MaxItems)
- Runtime conditions for template logic (In, Contains, Matches, StartsWith/EndsWith, Len*, IsEmpty/IsNotEmpty, HasKey, IsFalse)
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(defkit): add waitFor support with CUE expressions for module hooks
Add the ability to specify custom readiness conditions for module hooks
using the new `waitFor` field. This allows users to define precise
conditions for when resources should be considered ready.
The waitFor field supports two formats:
- Simple condition name (e.g., "Ready", "Established") - checks
status.conditions for the named condition with status "True"
- CUE expression (e.g., "status.replicas == status.readyReplicas") -
evaluated against the full resource for flexible readiness checks
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Feat(addon): add godef support for Go-based definitions in addons
Add support for a godef/ folder in addons that allows writing definitions
in Go instead of CUE. When an addon is enabled, Go definitions are
automatically compiled to CUE and deployed alongside traditional CUE
definitions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint issues and make reviewable
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint and build failure
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: lint and ci errors
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: golangci-lint errors for defkit package
- Use standard library errors (errors.Is/As) instead of pkg/errors
- Fix ineffassign issues by scoping variables correctly
- Add nolint comments for intentional nilerr, makezero patterns
- Combine chained appends in addon init.go
- Add gosec nolint for CLI file operations and permissions
- Increase gocyclo threshold to 35, nolint complex CLI commands
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: kubectl installation with retry and fallback version in github actions
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix(ci): hardcode kubectl version to avoid flaky CDN endpoint
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: improve test coverage for codecov
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Chore: add more tests for codecov and CI to pass
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: ci failure on style
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: OperatorNotEquals to fail closed with empty values
Change NotEquals operator to return false when Values slice is empty,
matching the fail-closed behavior of Equals operator. This prevents
silent widening of placement eligibility when a malformed constraint
is created.
Following Kubernetes label selector semantics where In/NotIn operators
require non-empty values, we apply a fail-closed approach for safety
in placement decisions.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: OpenArrayParam field shadowing and remove redundant GetName()
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: path traversal vulnerability in Go definition scaffolding
Validate Go definition names before using them in file paths to prevent
creation of files outside the addon directory. Unsanitized names could
contain path traversal segments (e.g., "../../../etc/passwd") allowing
arbitrary file writes.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: unescaped string interpolation in health_expr CUE generation
Use %q format verb in formatValue() to properly escape quotes and
special characters when generating CUE strings. Update fieldContainsExpr
to use formatValue() instead of raw string interpolation.
This prevents invalid CUE when substring values contain quotes or
backslashes.
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: Guard against typed nil in Gomega matchers to prevent panic
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: Guard against malformed bracket path in parseBracketAccess
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: incomplete AppRevision test to actually verify resolution
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Fix: apply fail-closed behavior to NotIn with empty values
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* Doc: Added note about RawCUE and some alignment style
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
---------
Signed-off-by: Anoop Gopalakrishnan <anoop2811@aol.in>
* feat(addon): Store addon registry tokens in Secrets
Previously, addon registry tokens were stored in plaintext within the 'vela-addon-registry' ConfigMap. This is not a secure practice for sensitive data.
This commit refactors the addon registry functionality to store tokens in Kubernetes Secrets. The ConfigMap now only contains a reference to the secret name, while the token itself is stored securely.
This change includes:
- Creating/updating secrets when a registry is added/updated.
- Loading tokens from secrets when a registry is listed/retrieved.
- Deleting secrets when a registry is deleted.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* test(addon): Add tests for registry token secret storage
This commit introduces a comprehensive test suite for the addon registry feature.
It includes:
- Isolated unit tests for each CRUD operation (Add, Update, List, Get, Delete) to ensure each function works correctly in isolation.
- A stateful integration test to validate the complete lifecycle of an addon registry from creation to deletion.
The tests verify that tokens are handled correctly via Kubernetes Secrets, confirming the implementation of the secure token storage feature.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): improve addon registry robustness and fix bugs
This commit introduces several improvements to the addon registry to make it more robust and fixes several bugs.
- When updating a secret, the existing secret is now fetched and updated to avoid potential conflicts.
- Deleting a non-existent registry now returns no error, making the operation idempotent.
- Getting a non-existent registry now returns a structured not-found error.
- Loading a token from a non-existent secret is now handled gracefully.
- When setting a token directly on a git-based addon source, the token secret reference is now cleared.
- The token secret reference is now correctly copied in `SafeCopy`.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Refactor(addon): Fix secret deletion and improve registry logic
This commit refactors the addon registry data store to fix a critical bug where deleting an addon registry would not delete its associated token secret.
The root cause was that the `GetRegistry` function, which was used by `DeleteRegistry`, would load the token from the secret and then clear the `TokenSecretRef` field on the in-memory object. This meant that when `DeleteRegistry` tried to find the secret to delete, the reference was already gone.
This has been fixed by:
1. Introducing a central `getRegistries` helper function to read the raw registry data from the ConfigMap.
2. Refactoring all data store methods (`List`, `Get`, `Add`, `Update`, `Delete`) to use this central helper, removing duplicate code.
3. Ensuring `DeleteRegistry` uses the raw, unmodified registry data so that the `TokenSecretRef` is always available for deletion.
Additionally, comprehensive unit tests for the new helper functions (`getRegistries`, `loadTokenFromSecret`, `createOrUpdateTokenSecret`) have been added to verify the fix and improve overall code quality and stability.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): improve addon registry token security and logging
This commit enhances the security and observability of addon registry token handling.
- Adds a warning message to users when an insecure inline token is detected in an addon registry configuration, prompting them to migrate to a more secure secret-based storage.
- Implements info-level logging to create an audit trail for token migrations, providing administrators with visibility into security-related events.
- Refactors the token migration logic into a new `migrateInlineTokenToSecret` function, improving code clarity and maintainability.
- Introduces unit tests for the `TokenSource` interface methods and the `GetTokenSource` function to ensure correctness and prevent regressions.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Chore: remove comments to triger ci
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): show correct owner in definition conflict error
When enabling an addon, if a definition conflicted with one from another existing addon, the error message would misleadingly cite the addon being installed as the owner, rather than the actual owner of the definition. This made it difficult for users to diagnose the conflict.
This commit corrects the error message generation in `checkConflictDefs` to use the name of the actual owner application. A comprehensive unit test for this function has also been added to verify the corrected behavior and prevent regressions.
Fixes#6898
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): show correct owner name in conflict message
When a definition conflict occurs, the error message attempts to show the addon that owns the existing definition.
However, if the owner is not a KubeVela addon application (i.e., its name doesn't have the 'addon-' prefix), the `AppName2Addon` function returns an empty string. This resulted in a confusing conflict message with a blank owner name, like "already exist in \n".
This patch fixes the issue by checking if the result of `AppName2Addon` is empty. If it is, it falls back to using the full application name of the owner,
ensuring the conflict message is always clear and actionable.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(addon): update comment for addon name
- Add this comment to trigger ci
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* fix(addon): improve conflict message for addon definitions
adjust comment placement and logic to ensure correct addon name display in conflict messages
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): add comprehensive unit tests for addon readers
This commit enhances the test coverage and code quality for the addon reader implementations in the pkg/addon package.
- Refactors all existing addon reader tests (gitee, github, gitlab, local) to use consistent, modern testing patterns like sub-tests.
- Replaces the old memory_reader_test.go with a completely refactored implementation.
- Adds new unit tests for previously untested functions, including various getters, client constructors, and RelativePath helpers.
- Improves http-based tests (gitlab, github, gitee) to use robust mock handlers that correctly simulate API behavior, including pagination and error states.
These changes improve the overall quality and reliability of the addon system and uncovered two minor bugs during the process.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): add more unit tests for addon helpers
This commit continues to improve the test coverage for the pkg/addon package by adding unit tests for several helper and factory functions.
- Adds a test for WrapErrRateLimit to ensure GitHub API rate limit errors are handled correctly.
- Adds a test for ClassifyItemByPattern to verify addon file classification logic.
- Adds a test for the NewAsyncReader factory function to ensure correct reader instantiation.
- Adds tests for various utility functions in utils.go, including IsRegistryFuncs, InstallOptions, ProduceDefConflictError, and GenerateChartMetadata.
These tests increase the reliability of the addon installation and handling logic.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* feat(addon): add unit tests for versioned addon registry
This commit improves test coverage for the versioned addon registry logic in the pkg/addon package.
- Adds a unit test for resolveAddonListFromIndex to verify the logic for parsing Helm index files.
- Introduces a new table-driven test for the internal loadAddon function, covering success and multiple failure scenarios (e.g., version not found, download failure, corrupt data).
- Adds a new test helper, setupAddonTestServer, to create isolated mock HTTP servers for testing addon loading, improving test reliability and clarity.
These tests ensure the core logic for discovering and fetching versioned addons is robust and functions as expected.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* chore(addon): remove unused gitlab testdata path constant
- remove unused gitlab testdata path constant name `gitlabTestdataPath`
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* refactor(addon): improve unit tests based on review feedback
This commit addresses several code review comments to improve the quality, correctness, and robustness of the unit tests in the pkg/addon package.
- Refactors map key assertions in the memory reader test to use the correct "comma ok" idiom instead of assert.NotNil.
- Updates the GitHub reader test to use a compliant addon mock that includes the required template.cue file.
- Modifies the chart metadata test in utils_test.go to use t.TempDir() for better test isolation and automatic cleanup.
- Switches from assert.NotNil to require.NotNil in the versioned registry test to prevent panics on nil pointers.
These changes make the test suite more robust, reliable, and easier to maintain.
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
---------
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
The GetPath method for GitLabItem produced an incorrect path when an addon's base path in the repository was empty. This was caused by an off-by-one error in the string slicing logic that always assumed a base path separator existed, incorrectly truncating the first character of the file path.
This commit corrects the logic by adding a check for an empty base path, ensuring the full path is returned in that case.
Fixes#6899
Signed-off-by: Ashvin Bambhaniya <ashvin.bambhaniya@improwised.com>
* Feat(#5861): Support addon dependencies version ranges
This change enables addon maintainers to define version ranges for
dependencies in an addon's metadata.yaml file.
This behavior is similar to the version range allowed in the `system`
section of the metadata file. The version range expression for
`dependencies` follows the same format as for `system`.
Example:
```yaml
dependencies:
- name: addon1
version: ">= 2.3.3, < 3.0.0"
- name: addon2
version: ">= 0.1.0, < 1.0.0"
```
When installing an addon, the behavior varies depending on whether the
dependency is already installed.
If a dependency is already installed, the installed version will be
validated against the version range, and installation will fail with an
error if there's a mismatch.
If a dependency is not installed, the version range will be used to
select the addon version to be installed. If no addon version matching
the range exists, the installation will fail with an error.
Fixes#5861
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): remove unused ctx parameter
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): Add comment for IsLocalRegistry
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): unexport AddonInfoMap
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): unexport addonInfo
Signed-off-by: Michael Russo <merusso@gmail.com>
* chore: replace map[string]addonInfo with addonInfoMap for consistency
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix: add short circuit when dependency version is not specified
Signed-off-by: Michael Russo <merusso@gmail.com>
* feat: Add test for multiple validation errors
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix: Run go mod tidy
Signed-off-by: Michael Russo <merusso@gmail.com>
* feat: add tests for ToVersionedRegistry
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix: simplify listInstalledAddons loop
Signed-off-by: Michael Russo <merusso@gmail.com>
* feat: listAvailableAddons returns addons from multiple sources
Changes:
* implement ListAddonInfo in Registry
* add interface to aid testing of listAvailableAddons
* add tests for listAvailableAddons
Signed-off-by: Michael Russo <merusso@gmail.com>
* refactor: simplify validateAddonDependencies
move logic from validateAddonDependencies to
calculateDependencyVersionToInstall.
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): Implicit memory aliasing in for loop.
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): non-wrapping format verb for fmt.Errorf
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): indent-error-flow: (revive)
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): unexported-return
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): exported type comment format (revive)
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): refactor AddonInfo to ItemInfo, avoid "stutter" (revive)
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): add comment to exported method Registry.ListAddonInfo
Signed-off-by: Michael Russo <merusso@gmail.com>
* fix(lint): fix stutter, rename AddonInfoLister to ItemInfoLister
Signed-off-by: Michael Russo <merusso@gmail.com>
* chore: Add suite tests for Registry.ListAddonInfo()
Signed-off-by: Michael Russo <merusso@gmail.com>
* Test: add test cases for addon.sortVersionsDescending
Signed-off-by: Michael Russo <merusso@gmail.com>
---------
Signed-off-by: Michael Russo <merusso@gmail.com>
* chore(Makefile): Give the help information of Makefile to make it more readable
Signed-off-by: Xinwei Xiong <3293172751nss@gmail.com>
fix: Fixed some spelling mistakes
Signed-off-by: Xinwei Xiong <3293172751nss@gmail.com>
fix: part of the makefile shows a problem
Signed-off-by: Xinwei Xiong(cubxxw) <3293172751nss@gmail.com>
* fix: makefile targer image-cleanup
Signed-off-by: Xinwei Xiong(cubxxw) <3293172751nss@gmail.com>
---------
Signed-off-by: Xinwei Xiong(cubxxw) <3293172751nss@gmail.com>
