MGMT-22553: Add missing fallbacks for network configs in VIP validation

[LiorSoffer]

https://issues.redhat.com/browse/MGMT-22553

[coderabbitai]

Walkthrough

Updates VIP validation to make update-time network fields conditional: existing cluster networks are preserved when update params omit them; VIP validation gains a flag controlling whether MachineNetworks from params are considered. Tests added for partial network updates in dual‑stack scenarios.

Changes

Cohort / File(s)	Summary
VIP validation & update flow internal/cluster/validations/validations.go	- ValidateClusterUpdateVIPAddresses now builds target configuration by defaulting ClusterNetworks, ServiceNetworks, and MachineNetworks to current cluster values and only overriding with non-empty params. - ValidateClusterCreateIPAddresses delegates to validateVIPAddresses with a flag indicating whether MachineNetworks were provided. - validateVIPAddresses gained machineNetworksInParams parameter; validation now checks VIP membership in MachineNetworks only when that flag is true and adjusts dual‑stack and auto‑calculation logic accordingly. Comments added clarifying behavior.
Tests for partial updates internal/cluster/validations/validation_test.go	Added a new test suite ValidateClusterUpdateVIPAddresses - partial network updates that sets up a dual‑stack cluster and verifies that updating only ClusterNetworks does not modify MachineNetworks.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

✨ Finishing touches

• 📝 Generate docstrings

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

Hi @LiorSoffer. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

internal/cluster/validations/validation_test.go (1)

1064-1107: Expand test coverage for partial network updates.

The test only covers updating ClusterNetworks in isolation. Consider adding test cases for:

1. ServiceNetworks-only updates
2. MachineNetworks-only updates
3. Updating combinations of network types
4. Verifying that non-updated network types retain their original values (not just that validation passes)

This ensures the fallback mechanism works correctly for all network configuration scenarios.

Example additional test cases

It("preserves ClusterNetworks and ServiceNetworks when only updating MachineNetworks", func() {
	params := &models.V2ClusterUpdateParams{
		MachineNetworks: []*models.MachineNetwork{
			{Cidr: "192.168.2.0/24"},
			{Cidr: "2001:db8:1::/64"},
		},
	}
	
	err := ValidateClusterUpdateVIPAddresses(true, &cluster, params, nil)
	Expect(err).ShouldNot(HaveOccurred())
})

It("preserves MachineNetworks and ClusterNetworks when only updating ServiceNetworks", func() {
	params := &models.V2ClusterUpdateParams{
		ServiceNetworks: []*models.ServiceNetwork{
			{Cidr: "172.31.0.0/16"},
			{Cidr: "fd03::/112"},
		},
	}
	
	err := ValidateClusterUpdateVIPAddresses(true, &cluster, params, nil)
	Expect(err).ShouldNot(HaveOccurred())
})

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between b19c6a5 and a5ddc66.

📒 Files selected for processing (2)

• internal/cluster/validations/validation_test.go
• internal/cluster/validations/validations.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• internal/cluster/validations/validations.go
• internal/cluster/validations/validation_test.go

[omer-vishlitzky]

/ok-to-test

[codecov]

Codecov Report

❌ Patch coverage is 38.88889% with 11 lines in your changes missing coverage. Please review.
✅ Project coverage is 43.61%. Comparing base (b19c6a5) to head (bc64b65).
⚠️ Report is 4 commits behind head on master.

Files with missing lines	Patch %	Lines
internal/cluster/validations/validations.go	38.88%	5 Missing and 6 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8704      +/-   ##
==========================================
+ Coverage   43.51%   43.61%   +0.10%     
==========================================
  Files         411      411              
  Lines       71264    71276      +12     
==========================================
+ Hits        31007    31088      +81     
+ Misses      37498    37385     -113     
- Partials     2759     2803      +44     

Files with missing lines	Coverage Δ
internal/cluster/validations/validations.go	36.72% <38.88%> (+17.72%)	⬆️

... and 3 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[openshift-ci-robot]

@LiorSoffer: This pull request references MGMT-22553 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the bug to target the "4.22.0" version, but no target version was set.

Details

In response to this:

https://issues.redhat.com/browse/MGMT-22553

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: LiorSoffer
Once this PR has been reviewed and has the lgtm label, please assign ori-amizur for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

internal/cluster/validations/validations.go (1)

229-230: Minor: Trailing whitespace on line 230.

The line has trailing whitespace after the closing parenthesis.

-	return validateVIPAddresses(ipV6Supported, targetConfiguration, params.MachineNetworks != nil) 	
+	return validateVIPAddresses(ipV6Supported, targetConfiguration, params.MachineNetworks != nil)

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Cache: Disabled due to data retention organization setting

Knowledge base: Disabled due to Reviews -> Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between a5ddc66 and bc64b65.

📒 Files selected for processing (2)

• internal/cluster/validations/validation_test.go
• internal/cluster/validations/validations.go

🚧 Files skipped from review as they are similar to previous changes (1)

• internal/cluster/validations/validation_test.go

🧰 Additional context used

📓 Path-based instructions (1)

**

⚙️ CodeRabbit configuration file

-Focus on major issues impacting performance, readability, maintainability and security. Avoid nitpicks and avoid verbosity.

Files:

• internal/cluster/validations/validations.go

🧬 Code graph analysis (1)

internal/cluster/validations/validations.go (1)

models/cluster.go (1)

• Cluster (24-284)

🔇 Additional comments (4)

internal/cluster/validations/validations.go (4)

314-332: Sound approach for preserving existing network configurations on partial updates.

The pattern of initializing from cluster values and only overriding when len(params.X) > 0 correctly handles both nil (omitted) and empty slice cases, ensuring partial updates (e.g., updating only ClusterNetworks) don't unintentionally clear other network fields. This addresses the concern from the previous review about empty slice handling for network params.

---

349-353: Good documentation of the validation deferral rationale.

The comment clearly explains why VIP-in-network validation is conditional: in saas mode, MachineNetworks may be auto-calculated from VIPs later, with the actual validation occurring in updateNonDhcpNetworkParams.

---

563-566: Correct conditional gating for VIP-in-network validation.

The dual condition (len > 0 && machineNetworksInParams) correctly ensures validation only runs when MachineNetworks are both explicitly provided and non-empty, allowing auto-calculation paths to defer this check.

---

582-583: Clear documentation for dual-stack constraint.

Good clarification that dual-stack clusters cannot rely on auto-calculated MachineNetworks and require explicit configuration.

[openshift-ci]

@LiorSoffer: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/okd-scos-images	bc64b65	link	true	/test okd-scos-images
ci/prow/edge-lint	bc64b65	link	true	/test edge-lint
ci/prow/edge-e2e-ai-operator-ztp	bc64b65	link	true	/test edge-e2e-ai-operator-ztp

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.