feat(cozystack): enable allocateNodeCIDRs by default

[lexfrei]

Summary

• Enable automatic node CIDR allocation for all clusters by default

This change sets allocateNodeCIDRs: true in the default values, ensuring that node CIDRs are allocated automatically without requiring explicit configuration.

Test plan

• Verify cluster provisioning works with the new default
• Confirm kube-controller-manager receives correct allocate-node-cidrs flag

Summary by CodeRabbit

• Chores
  • Updated default cluster networking configuration to enable automatic node CIDR allocation.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The Helm chart default configuration for Cozystack is updated to enable CIDR allocation for cluster nodes by changing the allocateNodeCIDRs flag from false to true in the values file.

Changes

Cohort / File(s)	Summary
Helm Chart Configuration charts/cozystack/values.yaml	Changed allocateNodeCIDRs boolean value from false to true to enable default node CIDR allocation

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A flag flipped with care,
From false to true with flair,
Node CIDRs now flow free,
Network harmony achieved, you see! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 40.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and specifically describes the main change: enabling allocateNodeCIDRs by default, which matches the single configuration value change in the PR.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6fdfaef and 0ff2aea.

📒 Files selected for processing (1)

• charts/cozystack/values.yaml

🚧 Files skipped from review as they are similar to previous changes (1)

• charts/cozystack/values.yaml

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @lexfrei, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request streamlines Cozystack cluster provisioning by enabling automatic node CIDR allocation as a default setting. It also improves the talm init command by introducing an explicit cluster naming option, enhancing user control and clarity. A significant refactoring of the template rendering engine ensures robust handling of complex YAML outputs, correctly separating and processing various Kubernetes resource types, and standardizing path formats for cross-platform compatibility.

Highlights

• Default Node CIDR Allocation: The allocateNodeCIDRs setting in charts/cozystack/values.yaml is now true by default, enabling automatic node CIDR allocation for all clusters without explicit configuration.
• Explicit Cluster Naming: The talm init command now supports a new --name (-N) flag, allowing users to explicitly define the cluster name instead of it being derived from the directory. The README.md has been updated to reflect this change.
• Enhanced Multi-Document YAML Handling: The template rendering engine has been refactored to correctly parse and process multi-document YAML outputs. it now distinguishes between core Talos configuration patches and other Kubernetes resource definitions (e.g., UserVolumeConfig), ensuring all documents are properly handled and appended.
• Path Normalization for Helm Engine: New utility functions (NormalizeTemplatePath) have been introduced to ensure consistent path handling across different operating systems, converting all path separators to forward slashes for compatibility with the Helm rendering engine.
• Refactored Test Suite: New test files (pkg/engine/engine_test.go, pkg/engine/engine_windows_test.go) have been added to cover the new multi-document parsing and path normalization logic, while outdated client provider tests were removed from pkg/engine/helm/engine_test.go.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new -N flag for specifying the cluster name during talm init, making it a required parameter unless specific update/encryption flags are used, and updates the README.md example. It also defaults allocateNodeCIDRs to true in values.yaml. A major change involves refactoring the template rendering logic to correctly handle multiple YAML documents within a single template output, separating Talos configuration patches from other Kubernetes resource definitions (like UserVolumeConfig). This includes introducing path normalization for cross-platform compatibility and new functions (isTalosConfigPatch, extractExtraDocuments, NormalizeTemplatePath) to manage this separation and path handling, with corresponding tests added. However, the review comment points out a regression in test coverage due to the removal of TestRenderWithClientProvider and TestRenderWithClientProvider_error from pkg/engine/helm/engine_test.go, which covered the critical lookup functionality for dynamic data fetching from Kubernetes, requesting their restoration and adaptation.

I am having trouble creating individual review comments. Click here to see my feedback.

pkg/engine/helm/engine_test.go (249-419)

A significant number of tests for the lookup functionality (TestRenderWithClientProvider and TestRenderWithClientProvider_error) have been removed. While the RenderWithClientProvider function may have been refactored, the lookup feature is a critical part of the templating engine that allows dynamic data fetching from a Kubernetes cluster.

Removing these tests creates a regression in test coverage for this important feature. Please restore these tests, adapting them to the new code structure (e.g., in pkg/engine/engine_test.go), to ensure the lookup functionality remains robust and well-tested.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

pkg/commands/template.go (1)

219-384: Consider extracting duplicate path resolution logic.

The path resolution logic appears twice (lines 219-272 for helm engine and lines 298-384 for modeline) with very similar fallback handling. Consider extracting this into a helper function to reduce duplication and improve maintainability.

Potential refactor approach

You could create a helper function like:

func resolveTemplatePathsRelativeToRoot(templatePaths []string, rootDir string) []string {
    resolved := make([]string, len(templatePaths))
    absRootDir, rootErr := filepath.Abs(rootDir)
    
    if rootErr != nil {
        for i, p := range templatePaths {
            resolved[i] = engine.NormalizeTemplatePath(p)
        }
        return resolved
    }
    
    // ... common resolution logic ...
    
    return resolved
}

Then call it for both the helm engine keys and modeline paths.

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3f34474 and 6fdfaef.

📒 Files selected for processing (8)

• README.md
• charts/cozystack/values.yaml
• pkg/commands/init.go
• pkg/commands/template.go
• pkg/engine/engine.go
• pkg/engine/engine_test.go
• pkg/engine/engine_windows_test.go
• pkg/engine/helm/engine_test.go

💤 Files with no reviewable changes (1)

• pkg/engine/helm/engine_test.go

🧰 Additional context used

🧬 Code graph analysis (3)

pkg/engine/engine_test.go (1)

pkg/engine/engine.go (1)

• NormalizeTemplatePath (64-66)

pkg/engine/engine_windows_test.go (1)

pkg/engine/engine.go (1)

• NormalizeTemplatePath (64-66)

pkg/commands/template.go (4)

pkg/commands/root_detection.go (1)

• ResolveSecretsPath (226-234)

pkg/commands/root.go (1)

• Config (38-73)

pkg/modeline/modeline.go (1)

• Config (12-16)

pkg/engine/engine.go (1)

• NormalizeTemplatePath (64-66)

🔇 Additional comments (14)

README.md (1)

59-59: LGTM! Documentation reflects the new cluster name flag.

The updated example command correctly demonstrates the new -N flag for specifying the cluster name.

charts/cozystack/values.yaml (1)

14-14: Verify backward compatibility for existing clusters.

Enabling node CIDR allocation by default changes networking behavior for all new deployments. Ensure that existing clusters using this chart won't be affected if they upgrade, and consider documenting this change in release notes.

pkg/engine/engine_windows_test.go (1)

1-40: LGTM! Comprehensive Windows path normalization tests.

The test cases properly cover backslash conversion scenarios specific to Windows, ensuring cross-platform compatibility.

pkg/commands/template.go (2)

144-144: LGTM! Proper error wrapping.

Good improvement using %w for error wrapping to preserve the error chain.

---

176-178: LGTM! Proper error handling added.

Good addition of error handling with proper wrapping and early return for file write operations.

pkg/engine/engine_test.go (1)

1-155: LGTM! Comprehensive test coverage.

Excellent test coverage for the new YAML patch handling and path normalization functionality. The tests cover:

• Different Talos config document types
• Non-Talos documents (UserVolumeConfig, SideroLinkConfig)
• Edge cases (empty documents, invalid YAML, CRLF line endings)
• Path normalization scenarios

pkg/engine/engine.go (4)

61-66: LGTM! Well-documented path normalization helper.

The exported NormalizeTemplatePath function provides consistent cross-platform path normalization. The comment clearly explains why this is necessary (Helm engine uses forward slashes).

---

245-246: LGTM! Correct use of path.Join for Helm engine keys.

Using path.Join instead of filepath.Join is correct here because Helm engine returns map keys with forward slashes regardless of the OS. The comment on line 245 clearly documents this behavior.

---

347-385: LGTM! Clean separation of Talos config from extra documents.

The implementation properly:

• Identifies Talos config patches (containing machine: or cluster: keys)
• Separates extra documents like UserVolumeConfig
• Handles CRLF line endings
• Uses a robust regex for YAML document separator matching

This addresses issue #66 mentioned in the tests.

---

388-389: LGTM! Proper handling of extra YAML documents.

The changes correctly:

1. Extract Talos patches separately from extra documents (lines 388-389)
2. Process only Talos patches for config generation (line 426)
3. Append extra documents to the output after Talos config (lines 543-548)

This ensures non-Talos documents like UserVolumeConfig are preserved in the final output.

Also applies to: 426-426, 543-548

pkg/commands/init.go (4)

36-44: LGTM! New cluster name flag added.

The new name field is properly integrated into the initCmdFlags structure.

---

75-84: LGTM! Proper validation logic.

The PreRunE validation correctly requires both preset and name for normal initialization, while allowing them to be optional for --encrypt, --decrypt, or --update operations.

---

311-311: Verify backward compatibility: cluster name now from flag.

The cluster name is now sourced from initCmdFlags.name instead of being derived from the directory path. This is a behavioral change that might affect existing workflows or scripts.

Ensure this change is documented in release notes and migration guides.

---

675-676: LGTM! Clear flag documentation.

The help text properly indicates when the preset and name flags are not required, improving the user experience.