Skip to content

fix(memcached): align template standards#680

Open
mberlofa wants to merge 2 commits into
mainfrom
fix/memcached-template-standards
Open

fix(memcached): align template standards#680
mberlofa wants to merge 2 commits into
mainfrom
fix/memcached-template-standards

Conversation

@mberlofa

@mberlofa mberlofa commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

Summary

  • Keep the Helm test hook under templates/tests/ so helm test renders and executes it, with unittest coverage preserved.
  • Add networkPolicy.extraEgress so callers can append full custom egress rules.
  • Number NOTES.txt sections and sync README values documentation.

Related

Validation

  • helm template test charts/memcached | rg -n "helm.sh/hook|test-connection" (hook rendered from templates/tests/test-connection.yaml)
  • helm unittest charts/memcached (41 tests, 9 suites)
  • make template-standards-check CHART=memcached
  • node scripts/charts/validate-chart.js --chart memcached --no-k3d
  • make validate-chart CHART=memcached TIMEOUT=900 (FULLY VALIDATED, 19 layers)

Summary by CodeRabbit

  • New Features
    • Added networkPolicy.egress.extraEgress to append additional egress rules to Memcached NetworkPolicy.
  • Bug Fixes
    • NetworkPolicy rendering now includes the extra egress rules when configured (covered by rendering tests).
  • Documentation
    • Updated Memcached chart docs and NetworkPolicy examples to describe networkPolicy.extraEgress.
    • Improved startup notes formatting and validation instructions with clearer numbered sections.

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

Standards Check (GR-079) — PASS

Every changed chart fully passes standards-check.

@coderabbitai

coderabbitai Bot commented Jul 4, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 12bfa411-624b-443a-87cd-1780bd293478

📥 Commits

Reviewing files that changed from the base of the PR and between 32b6b15 and 1c300ac.

📒 Files selected for processing (6)
  • charts/memcached/README.md
  • charts/memcached/templates/NOTES.txt
  • charts/memcached/templates/networkpolicy.yaml
  • charts/memcached/tests/networkpolicy_test.yaml
  • charts/memcached/values.schema.json
  • charts/memcached/values.yaml
✅ Files skipped from review due to trivial changes (4)
  • charts/memcached/README.md
  • charts/memcached/values.schema.json
  • charts/memcached/values.yaml
  • charts/memcached/templates/NOTES.txt
🚧 Files skipped from review as they are similar to previous changes (2)
  • charts/memcached/templates/networkpolicy.yaml
  • charts/memcached/tests/networkpolicy_test.yaml

📝 Walkthrough

Walkthrough

Adds networkPolicy.extraEgress to the memcached chart across schema, defaults, rendering, tests, and README docs. Also reformats NOTES.txt into numbered sections and updates its validation and status messages.

Changes

NetworkPolicy extraEgress feature

Layer / File(s) Summary
Schema, defaults, and docs
charts/memcached/values.schema.json, charts/memcached/values.yaml, charts/memcached/README.md
Adds extraEgress as an array field, defaults it to [], and documents it in the egress example and values table.
Template rendering and test
charts/memcached/templates/networkpolicy.yaml, charts/memcached/tests/networkpolicy_test.yaml
Includes extraEgress in the egress rendering condition, appends the configured rules, and verifies the rendered ipBlock and port 443 entry.

NOTES.txt restructuring

Layer / File(s) Summary
Numbered NOTES.txt sections
charts/memcached/templates/NOTES.txt
Renumbers the NOTES content, rewrites the validation check with kubectl run and nc, and updates authentication, TLS, metrics, troubleshooting, resources, and production reminders text.

Estimated code review effort: 2 (Simple) | ~12 minutes

Possibly related PRs

  • helmforgedev/charts#641: Also adds networkPolicy.egress.extraEgress support by updating the NetworkPolicy template and its rendering tests.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title matches the PR’s main theme of aligning the memcached chart with template standards, though it is broader than the specific changes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/memcached-template-standards

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

🟢 Security Scan: memcached

Framework Score
MITRE + NSA + SOC2 78.78788%

✅ Security posture acceptable.

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review


P2 Badge Restore the Helm test under templates/

Because this hook manifest was moved to charts/memcached/tests, Helm will not render it as a chart test; Helm's Chart Tests docs state tests live under templates/, and I confirmed helm template test charts/memcached --namespace default now emits no helm.sh/hook: test pod while the parent commit did. As a result, helm test no longer runs the memcached connectivity check after install, so the hook manifest should remain under templates/tests/ and only the unit-test suites should live in charts/memcached/tests.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
charts/memcached/values.schema.json (1)

267-270: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Consider nesting extraEgress under networkPolicy.egress for consistency.

extraEgress is placed as a top-level networkPolicy property, but it only takes effect when networkPolicy.egress.enabled is true (per templates/networkpolicy.yaml line 57's outer if), and every other egress-related extension point (allowSameNamespace, allowDNS, allowHTTPS, extraTo) lives under networkPolicy.egress.*. This asymmetry could confuse users configuring egress rules, and this is the last easy point to fix it since the field is new/unreleased.

Since this touches values.schema.json, values.yaml, templates/networkpolicy.yaml, tests/networkpolicy_test.yaml, and README.md, consider renaming to networkPolicy.egress.extraEgress before release.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/memcached/values.schema.json` around lines 267 - 270, Move the new
egress extension point to match the existing structure by nesting extraEgress
under networkPolicy.egress instead of keeping it as a top-level networkPolicy
field. Update the schema and defaults in values.schema.json and values.yaml,
then adjust templates/networkpolicy.yaml to read
networkPolicy.egress.extraEgress alongside allowSameNamespace, allowDNS,
allowHTTPS, and extraTo, and finally update tests/networkpolicy_test.yaml and
README.md to use the renamed path consistently.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@charts/memcached/values.schema.json`:
- Around line 267-270: Move the new egress extension point to match the existing
structure by nesting extraEgress under networkPolicy.egress instead of keeping
it as a top-level networkPolicy field. Update the schema and defaults in
values.schema.json and values.yaml, then adjust templates/networkpolicy.yaml to
read networkPolicy.egress.extraEgress alongside allowSameNamespace, allowDNS,
allowHTTPS, and extraTo, and finally update tests/networkpolicy_test.yaml and
README.md to use the renamed path consistently.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: c2be5588-b74a-43c7-92b6-1cedb4f5aa1f

📥 Commits

Reviewing files that changed from the base of the PR and between 47bc2fc and 4e49c14.

📒 Files selected for processing (8)
  • charts/memcached/README.md
  • charts/memcached/templates/NOTES.txt
  • charts/memcached/templates/networkpolicy.yaml
  • charts/memcached/tests/networkpolicy_test.yaml
  • charts/memcached/tests/test-connection.yaml
  • charts/memcached/tests/testconnection_test.yaml
  • charts/memcached/values.schema.json
  • charts/memcached/values.yaml
💤 Files with no reviewable changes (1)
  • charts/memcached/tests/testconnection_test.yaml

@mberlofa mberlofa force-pushed the fix/memcached-template-standards branch 2 times, most recently from 850be74 to 32b6b15 Compare July 4, 2026 09:15
@mberlofa mberlofa force-pushed the fix/memcached-template-standards branch from 32b6b15 to 1c300ac Compare July 5, 2026 13:39
@mberlofa

mberlofa commented Jul 5, 2026

Copy link
Copy Markdown
Contributor Author

Addressed the CodeRabbit review-summary note about the new networkPolicy.extraEgress value path.

What changed:

  • Moved the value to networkPolicy.egress.extraEgress in values, schema, template, tests, and README.
  • Kept the rendered behavior the same: custom full egress rules are still appended after generated egress rules.
  • Synced the site PR: docs(memcached): sync template standards updates site#358.

Validation:

  • make validate-chart CHART=memcached TIMEOUT=1200 passed end-to-end after rebasing on origin/main (memcached: FULLY VALIDATED (19 layers), including all GR-027 k3d scenarios).
  • make release-check REPO=charts passed with the expected GR-077 release-publication warning.
  • make attribution-check REPO=charts passed.

This feedback was present in the CodeRabbit review summary rather than an unresolved review thread, so there is no thread ID to reply to or resolve.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant