fix: Added support for listing IB interfaces

[hwadekar-nv]

Description

Added support for listing InfiniBand (IB) interfaces with filtering capabilities.

• Enabled querying IB interfaces by InstanceID
• Enabled querying IB interfaces by InfiniBandPartitionID

Type of Change

• Feature - New feature or functionality (feat:)
• Fix - Bug fixes (fix:)
• Chore - Modification or removal of existing functionality (chore:)
• Refactor - Refactoring of existing functionality (refactor:)
• Docs - Changes in documentation or OpenAPI schema (docs:)
• CI - Changes in Github workflows. Requires additional scrutiny (ci:)
• Version - Issuing a new release version (version:)

Services Affected

• API - API models or endpoints updated
• Workflow - Workflow service updated
• DB - DB DAOs or migrations updated
• Site Manager - Site Manager updated
• Cert Manager - Cert Manager updated
• Site Agent - Site Agent updated
• RLA - RLA service updated
• Powershelf Manager - Powershelf Manager updated

Related Issues (Optional)

Breaking Changes

• This PR contains breaking changes

Testing

• Unit tests added/updated
• Integration tests added/updated
• Manual testing performed
• No testing required (docs, internal refactor, etc.)

Additional Notes

[copy-pr-bot]

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

[github-actions]

🔐 TruffleHog Secret Scan

✅ No secrets or credentials found!

Your code has been scanned for 700+ types of secrets and credentials. All clear! 🎉

🔗 View scan details

_{🕐 Last updated: 2026-03-09 23:22:05 UTC | Commit: aa8260b}

[github-actions]

🛡️ Vulnerability Scan

🚨 Found 64 vulnerability(ies)
📊 vs main: 64 (no change)

Severity Breakdown:

• 🔴 Critical/High: 64
• 🟡 Medium: 0
• 🔵 Low/Info: 0

📋 Top Vulnerabilities

• AVD-KSV-0109: Artifact: deploy/kustomize/base/api/configmap.yaml
  Type: kubernetes
  Vulnerability AVD-KSV-0109
  Severity: HIGH
  Message: ConfigMap 'carbide-rest-api-config' in 'default' namespace stores secrets in key(s) or value(s) '{" password"}'
  Link: AVD-KSV-0109 (deploy/kustomize/base/api/configmap.yaml)
• KSV014: Artifact: deploy/kustomize/base/api/deployment.yaml
  Type: kubernetes
  Vulnerability KSV014
  Severity: HIGH
  Message: Container 'api' of Deployment 'carbide-rest-api' should set 'securityContext.readOnlyRootFilesystem' to true
  Link: KSV014 (deploy/kustomize/base/api/deployment.yaml)
• KSV118: Artifact: deploy/kustomize/base/api/deployment.yaml
  Type: kubernetes
  Vulnerability KSV118
  Severity: HIGH
  Message: container carbide-rest-api in default namespace is using the default security context
  Link: KSV118 (deploy/kustomize/base/api/deployment.yaml)
• KSV118: Artifact: deploy/kustomize/base/api/deployment.yaml
  Type: kubernetes
  Vulnerability KSV118
  Severity: HIGH
  Message: deployment carbide-rest-api in default namespace is using the default security context, which allows root privileges
  Link: KSV118 (deploy/kustomize/base/api/deployment.yaml)
• KSV014: Artifact: deploy/kustomize/base/db/job.yaml
  Type: kubernetes
  Vulnerability KSV014
  Severity: HIGH
  Message: Container 'migrations' of Job 'carbide-rest-db-migration' should set 'securityContext.readOnlyRootFilesystem' to true
  Link: KSV014 (deploy/kustomize/base/db/job.yaml)
• KSV014: Artifact: deploy/kustomize/base/db/job.yaml
  Type: kubernetes
  Vulnerability KSV014
  Severity: HIGH
  Message: Container 'wait-for-postgres' of Job 'carbide-rest-db-migration' should set 'securityContext.readOnlyRootFilesystem' to true
  Link: KSV014 (deploy/kustomize/base/db/job.yaml)
• KSV118: Artifact: deploy/kustomize/base/db/job.yaml
  Type: kubernetes
  Vulnerability KSV118
  Severity: HIGH
  Message: container carbide-rest-db-migration in default namespace is using the default security context
  Link: KSV118 (deploy/kustomize/base/db/job.yaml)
• KSV118: Artifact: deploy/kustomize/base/db/job.yaml
  Type: kubernetes
  Vulnerability KSV118
  Severity: HIGH
  Message: container carbide-rest-db-migration in default namespace is using the default security context
  Link: KSV118 (deploy/kustomize/base/db/job.yaml)
• KSV118: Artifact: deploy/kustomize/base/db/job.yaml
  Type: kubernetes
  Vulnerability KSV118
  Severity: HIGH
  Message: job carbide-rest-db-migration in default namespace is using the default security context, which allows root privileges
  Link: KSV118 (deploy/kustomize/base/db/job.yaml)
• KSV014: Artifact: deploy/kustomize/base/keycloak/deployment.yaml
  Type: kubernetes
  Vulnerability KSV014
  Severity: HIGH
  Message: Container 'keycloak' of Deployment 'keycloak' should set 'securityContext.readOnlyRootFilesystem' to true
  Link: KSV014 (deploy/kustomize/base/keycloak/deployment.yaml)

🔗 View full details in Security tab

_{🕐 Last updated: 2026-03-09 20:44:54 UTC | Commit: 4c5c0ef}

[github-actions]

Test Results

7 798 tests  +47   7 798 ✅ +47   8m 7s ⏱️ +20s
  136 suites ± 0       0 💤 ± 0 
   14 files   ± 0       0 ❌ ± 0 

Results for commit 22f5364. ± Comparison against base commit 58e03a0.

♻️ This comment has been updated with latest results.

[thossain-nv]

InfiniBand Interfaces don't have name attribute, these 2 need to be removed.

[thossain-nv]

When we do this delegation and the Instance ID is non-existent or doesn't belong to Tenant, user will receive messages like Invalid Instance ID in query and be confused as to why we are saying they sent something in query.

Previously I suggested that NewGetAllNVLinkInterfaceHandler can have an explicit argument queryOverride instead of modifying the request object. Based on values int he query override, we can change message tone and skip some checks etc.

[thossain-nv]

Needs total limit.