CP-37207: Implement configurable enforce flag for validator diagnostics #646
+396
−12
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The validator's pre-start diagnostic stage had a hardcoded `enforce: true` setting
that wasn't actually wired up to affect behavior. This made it impossible for users
to control whether diagnostic failures should block pod startup.
Additionally, when the diagnostic runner encountered errors (distinct from check
failures), it would cause the validator to fail even when enforcement was disabled,
effectively making `enforce: false` meaningless in error scenarios.
Functional Change:
Before: The `enforce` setting in validator config was vestigial - diagnostic failures
always logged warnings but never blocked pod startup. Runner errors would crash the
validator regardless of enforce setting.
After: When `enforce: true`, failing pre-start checks cause the validator to exit
with error code 1, blocking pod startup via the lifecycle hook. When `enforce: false`
(now the default), failures are logged and reported via telemetry but the pod starts
normally. Runner errors are handled gracefully when enforcement is disabled.
Solution:
1. Added `components.validator.enforce` to values.yaml with default `false`
- Includes documentation explaining behavior for both settings
- Updated JSON schema with enforce boolean property
2. Updated helm/templates/validator-cm.yaml to use the configurable value
- Pre-start stage now uses `{{ .Values.components.validator.enforce }}`
- Other stages remain hardcoded to `enforce: false`
3. Enhanced diagnostic runner (app/domain/diagnostic/runner/runner.go):
- Added `enforce` and `hasFailures` fields to runner struct
- `NewRunner()` captures enforce setting from stage config
- Added `ShouldFail()` method: returns true only when enforce=true AND checks failed
- Added `IsEnforced()` method: exposes enforce state for error handling
4. Modified command.go to implement enforcement behavior:
- After `Run()`, checks `engine.ShouldFail()` to determine exit behavior
- When enforce=true and checks fail: logs failures and returns error
- When enforce=false and runner errors: warns and continues
Validation:
- Added 5 new test functions to runner_test.go (coverage: 69.5% -> 86.7%):
- TestRunner_ShouldFail: verifies enforce+hasFailures logic
- TestRunner_EnforceSetFromStageConfig: verifies config parsing
- TestRunner_HasFailuresTracking: verifies failure detection
- TestRunner_ShouldFailIntegration: end-to-end config->behavior test
- TestRunner_IsEnforced: verifies IsEnforced() method
- Added helm/tests/validator_enforce_test.yaml with 6 test cases:
- Default value (false), explicit true/false, other stages unaffected
- Added 3 schema validation test files:
- components.validator.enforce.true.pass.yaml
- components.validator.enforce.false.pass.yaml
- components.validator.enforce.invalid.fail.yaml
- Deployed to Brahms cluster and verified:
- enforce=true + invalid API key: pod enters Init:CrashLoopBackOff (expected)
- enforce=false + invalid API key: pod starts normally with warnings (expected)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The validator's pre-start diagnostic stage had a hardcoded
enforce: truesetting that wasn't actually wired up to affect behavior. This made it impossible for users to control whether diagnostic failures should block pod startup.Additionally, when the diagnostic runner encountered errors (distinct from check failures), it would cause the validator to fail even when enforcement was disabled, effectively making
enforce: falsemeaningless in error scenarios.Functional Change:
Before: The
enforcesetting in validator config was vestigial - diagnostic failures always logged warnings but never blocked pod startup. Runner errors would crash the validator regardless of enforce setting.After: When
enforce: true, failing pre-start checks cause the validator to exit with error code 1, blocking pod startup via the lifecycle hook. Whenenforce: false(now the default), failures are logged and reported via telemetry but the pod starts normally. Runner errors are handled gracefully when enforcement is disabled.Solution:
Added
components.validator.enforceto values.yaml with defaultfalseUpdated helm/templates/validator-cm.yaml to use the configurable value
{{ .Values.components.validator.enforce }}enforce: falseEnhanced diagnostic runner (app/domain/diagnostic/runner/runner.go):
enforceandhasFailuresfields to runner structNewRunner()captures enforce setting from stage configShouldFail()method: returns true only when enforce=true AND checks failedIsEnforced()method: exposes enforce state for error handlingModified command.go to implement enforcement behavior:
Run(), checksengine.ShouldFail()to determine exit behaviorValidation:
Added 5 new test functions to runner_test.go (coverage: 69.5% -> 86.7%):
Added helm/tests/validator_enforce_test.yaml with 6 test cases:
Added 3 schema validation test files:
Deployed to Brahms cluster and verified: