97 node migration

[brucetony]

Summary by CodeRabbit

• New Features

  • v0.0.11: Helm deployment performance improvements, UI sign-in fix when ingress is disabled, private S3 bucket support
  • v0.1.0: New deployment configuration structure with multiple routing modes (ingress/gateway/none), VictoriaLogs log storage integration, updated credentials configuration

• Documentation

  • Updated deployment guides with revised prerequisites and configuration examples
  • Clarified authentication setup and added optional data store configuration instructions

[coderabbitai]

Warning

Review limit reached

@brucetony, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 48 minutes and 38 seconds. Learn how PR review limits work.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 5fe3c6c8-7bfa-4c61-b2a4-a90e8040f3e7

📥 Commits

Reviewing files that changed from the base of the PR and between b0619df and 5fe3422.

📒 Files selected for processing (3)

• src/guide/deployment/node-installation.md
• src/guide/deployment/node-registration.md
• src/versions/v0.1.0.md

📝 Walkthrough

Walkthrough

This PR documents the FLAME Node Helm chart v0.1.0 release, a breaking-change version that restructures values configuration: global sections consolidate into expose (routing), auth credentials rename from robot to client IDs, and a new optional dataStore subchart replaces inline MinIO configuration. Updated installation guides, example YAML files, and release notes explain the migration.

Changes

v0.1.0 Release and Configuration Migration

Layer / File(s)	Summary
v0.1.0 Release Notes and Version Registration src/versions/v0.1.0.md, src/versions/v0.0.11.md, src/versions/v0.0.10.md, src/.vitepress/routes/sidebar/versions.ts	v0.1.0 release notes document breaking Helm chart changes: unified expose config (replaces global.node.ingress), hub.auth.clientID/clientSecret (replaces robot credentials), removed default credentials, VictoriaLogs as primary logs UI, and dataStore subchart alias. Includes migration mapping table from prior versions. v0.0.11 notes cover interim improvements. Sidebar routing updated to register new version pages.
Helm Values Configuration Examples src/public/files/values_no_reverse_proxy_example.yaml, src/public/files/values_separate_idp.yaml	Example YAML files demonstrate the new values structure: top-level expose block with routing type and hostname, hub.auth.clientID/clientSecret for Hub authentication, userIdp.provider: keycloak, and ui.idp credentials for Node UI identity-provider configuration.
Node Installation and Deployment Guide src/guide/deployment/node-installation.md	Installation guide comprehensively updated for v0.1.0: requirements and Kubernetes prerequisites include DNS verification commands; Helm preparation section demonstrates new hub.auth and hub.crypto structure with expose.type routing; RBAC configuration clarified with roleClaimName guidance and explicit disable instruction; custom IDP setup rewritten with updated YAML and JSON examples; CA certificate and proxy configuration sections reorganized; "Deploying without a Domain Name" now uses expose.type: "none"; new sections for offline mode enablement and optional MinIO data store enablement via dataStore settings.
Credential Terminology and Data Store Documentation Updates src/guide/deployment/node-registration.md, src/guide/admin/data-store-management.md	Node registration guide updates credential section terminology from "Robot Credentials" to "Client Credentials", reflecting the ID/secret naming change. Data store management documentation adds port 9000 guidance for bundled MinIO instance connections.

Sequence Diagram

sequenceDiagram
  participant Operator
  participant Guide as Installation Guide
  participant Helm as Helm Values
  participant Cluster as K8s Cluster
  
  Operator->>Guide: Review prerequisites (K8s, DNS)
  Operator->>Guide: Prepare values.yaml with expose config
  Operator->>Helm: Configure hub.auth.clientID/clientSecret
  Operator->>Helm: Select expose.type: ingress|gateway|none
  Operator->>Helm: Configure userIdp.provider and ui.idp
  Operator->>Helm: Optionally enable dataStore subchart
  Operator->>Cluster: Apply Helm chart with new values

Loading

Estimated Code Review Effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly Related PRs

• PrivateAIM/documentation#98: Both PRs modify src/guide/admin/data-store-management.md to document private S3/MinIO data-store connection details, including port 9000 configuration.

Poem

🐰 A chart so grand, v0.1 arrives,
From robot creds to client, changes thrive,
One expose block now rules them all,
With migration notes to heed the call,
New docs and examples, shiny and bright—
This upgrade path feels just right! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title '97 node migration' is vague and does not clearly convey the main changes in the pull request, which involve updating version routes, documentation, configuration examples, and release notes for v0.0.11 and v0.1.0.	Consider a more descriptive title such as 'Add v0.1.0 and v0.0.11 release notes and update node deployment documentation' to better communicate the changeset scope.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch 97-node-migration

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 5

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/public/files/values_no_reverse_proxy_example.yaml (1)

15-20: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Update this example to the v0.1.0 Keycloak values schema.

This sample still uses the pre-migration keycloak.auth.adminUser/adminPassword keys, while the release notes in this PR move those credentials to keycloakx.auth.adminUsername/adminPassword. As written, this example is inconsistent with the documented breaking change and is likely to misconfigure fresh installs.

Suggested fix

-keycloak:
+keycloakx:
   auth:
-    adminUser: admin
+    adminUsername: admin
     adminPassword: admin

   proxyHeaders: ""

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/public/files/values_no_reverse_proxy_example.yaml` around lines 15 - 20,
The example YAML uses the old Keycloak keys keycloak.auth.adminUser and
keycloak.auth.adminPassword; update it to the v0.1.0 schema by renaming the
top-level key from keycloak to keycloakx and changing auth.adminUser to
auth.adminUsername (leave the adminPassword key name as adminPassword), i.e.,
replace keycloak.auth.adminUser -> keycloakx.auth.adminUsername and keycloak ->
keycloakx so the example matches the documented breaking change.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/guide/deployment/node-installation.md`:
- Around line 7-9: Update stale "robot credentials" references to the new
terminology "client credentials": change the intro link target from
node-registration#robot-credentials to node-registration#client-credentials,
replace the phrase "Credentials for your node's robot were generated and saved"
with "Client credentials for your node were generated and saved", and update any
later mentions (e.g., the note about the values file containing "robot
credentials") to read "client credentials"; ensure you update both the block
around the initial list and the later occurrences referenced (lines ~223-224) so
all anchors and descriptive text consistently use client credentials.
- Around line 103-111: Update the wording that currently calls the Ingress API
“deprecated”: change the phrase to indicate the Ingress API is a stable/frozen
API (e.g., "the Ingress API is stable/frozen") and clarify that Gateway API is
recommended for newer features; update the sentence containing "Most kubernetes
distributions previously used only the Ingress API for routing traffic, but that
has been recently deprecated in favor of the new Gateway API" to instead state
that Ingress is stable/frozen while Gateway provides newer features and is the
recommended option, keeping the rest of the helm-chart guidance (supporting both
APIs and suggesting "ingress" if unsure) intact and keeping links to the Gateway
API install guide.

In `@src/guide/deployment/node-registration.md`:
- Line 64: Update the sentence that currently reads "required for the deploying
the FLAME Node" to correct grammar by changing it to "required for deploying the
FLAME Node"; locate the exact sentence in
src/guide/deployment/node-registration.md (the phrase "required for the
deploying the FLAME Node") and replace it with the corrected wording.

In `@src/versions/v0.0.11.md`:
- Around line 11-12: Replace the ambiguous link text "[here]" in the sentence
about private buckets with a descriptive title using the destination page's
title ("Bucket setup for data store" or the page's exact title from the docs) so
the changelog link is accessible and markdownlint-compliant; update the sentence
that currently contains the link to use that descriptive text for the URL (refer
to the line mentioning "Full documentation on how to do this can be found
[here](https://docs.privateaim.net/guide/admin/bucket-setup-for-data-store.html)").

In `@src/versions/v0.1.0.md`:
- Around line 121-123: Duplicate mapping for `.dataStore.minio` appears twice in
the migration table; remove the redundant entry so only one `.dataStore.minio`
row remains (keep the `.victorialogs.ingress.enabled` row intact) and ensure
table alignment/spacing stays consistent after deleting the duplicate line.

---

Outside diff comments:
In `@src/public/files/values_no_reverse_proxy_example.yaml`:
- Around line 15-20: The example YAML uses the old Keycloak keys
keycloak.auth.adminUser and keycloak.auth.adminPassword; update it to the v0.1.0
schema by renaming the top-level key from keycloak to keycloakx and changing
auth.adminUser to auth.adminUsername (leave the adminPassword key name as
adminPassword), i.e., replace keycloak.auth.adminUser ->
keycloakx.auth.adminUsername and keycloak -> keycloakx so the example matches
the documented breaking change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: cc0987f1-cdb8-4fe7-a015-e161bd581b1d

📥 Commits

Reviewing files that changed from the base of the PR and between b92bc0a and b0619df.

📒 Files selected for processing (9)

• src/.vitepress/routes/sidebar/versions.ts
• src/guide/admin/data-store-management.md
• src/guide/deployment/node-installation.md
• src/guide/deployment/node-registration.md
• src/public/files/values_no_reverse_proxy_example.yaml
• src/public/files/values_separate_idp.yaml
• src/versions/v0.0.10.md
• src/versions/v0.0.11.md
• src/versions/v0.1.0.md