feat: Updated license.go file to include the feature for licenseSecret as well

[amanpruthi]

Summary by CodeRabbit

• New Features
  • Enhanced license retrieval for improved stability, including a fallback approach when primary license data isn’t available.
  • Increased observability with additional logging for clearer insights into license handling and error conditions.

[coderabbitai]

Walkthrough

The changes update the license retrieval process. The GetLicense function now incorporates additional logging and error tracking. A Kubernetes client is created through the new createKubeClient function. The logic has been streamlined to first check if the license is specified within the provided values. If not, the function calls getLicenseFromSecret to retrieve the license from a Kubernetes secret, handling errors and logging relevant information throughout the process.

Changes

File	Change Summary
pkg/wandb/spec/utils/license.go	Added createKubeClient and getLicenseFromSecret functions; enhanced GetLicense with combined nil checks, logging, and error handling for secret retrieval.

Sequence Diagram(s)

sequenceDiagram
    participant U as User
    participant GL as GetLicense
    participant CK as createKubeClient
    participant GS as getLicenseFromSecret
    participant K8s as Kubernetes API

    U->>GL: Request license
    GL->>CK: Create Kubernetes client
    CK-->>GL: Return client or error
    GL->>GL: Check spec & values for license
    alt License exists in values
        GL->>U: Log and return license
    else License missing
        GL->>GS: Call getLicenseFromSecret with client, secretName, secretKey
        GS->>K8s: Request secret data
        K8s-->>GS: Return secret data or error
        GS->>GL: Log outcome and return license or error
        GL->>U: Return license from secret
    end

Loading

Possibly related PRs

• feat: Updated license.go file to include the feature for licenseSecret as well #54: The changes in the main PR are directly related to those in the retrieved PR, as both enhance the GetLicense function in the same file and introduce the same new functions for Kubernetes client creation and license retrieval.

Poem

Oh, what a hop in the code today,
As logs and secrets lead the way.
The client springs with a joyful bound,
In secret paths, the license is found.
This rabbit cheers in code delight,
Leaping through changes with pure insight! 🐰✨

Warning

There were issues while running some tools. Please review the errors and either fix the tool’s configuration or disable the tool if it’s a critical failure.

🔧 golangci-lint (1.62.2)

Error: can't load config: the Go language version (go1.23) used to build golangci-lint is lower than the targeted Go version (1.24.0)
Failed executing command with error: can't load config: the Go language version (go1.23) used to build golangci-lint is lower than the targeted Go version (1.24.0)

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

pkg/wandb/spec/utils/license.go (4)

17-21: Consider exposing errors instead of returning an empty string.

Currently, if the Kubernetes client cannot be created, you log the error but return an empty string, which might obscure the root cause for consumers. It's often better to bubble up errors so they can be handled more gracefully. For example:

 func GetLicense(specs ...*spec.Spec) (string, error) {
     log := ctrllog.Log.WithName("GetLicense")

     kubeClient, err := createKubeClient()
     if err != nil {
         log.Error(err, "Error creating Kubernetes client")
-        return ""
+        return "", err
     }

---

37-44: Allow specifying a namespace instead of hardcoding "default".

You're calling getLicenseFromSecret with only the secret name and key, but the implementation always uses the "default" namespace. This may limit usage in multi-namespace scenarios. As a good-to-have improvement, consider passing the desired namespace in the function call:

-license := getLicenseFromSecret(kubeClient, secretName, secretKey)
+license := getLicenseFromSecret(kubeClient, secretName, secretKey, "operator-namespace")

(See below for further changes to getLicenseFromSecret that accept a namespace.)

---

48-55: Avoid using GetConfigOrDie to reduce the risk of panics.

Using GetConfigOrDie() will cause the program to panic if the configuration is invalid. Instead, you can use GetConfig() and handle any errors gracefully, as shown below:

 func createKubeClient() (client.Client, error) {
-    kubeConfig := config.GetConfigOrDie()
-    kubeClient, err := client.New(kubeConfig, client.Options{})
+    cfg, err := config.GetConfig()
+    if err != nil {
+        return nil, err
+    }
+    kubeClient, err := client.New(cfg, client.Options{})
     if err != nil {
         return nil, err
     }
     return kubeClient, nil
 }

---

57-78: Return errors instead of empty strings when retrieving secrets.

Currently, this function returns an empty string on failures, making it hard to distinguish between various error cases (missing secret, missing key, or reading failure). Consider refactoring the function signature to return (string, error):

-func getLicenseFromSecret(kubeClient client.Client, secretName, secretKey string) string {
+func getLicenseFromSecret(kubeClient client.Client, secretName, secretKey, namespace string) (string, error) {
     log := ctrllog.Log.WithName("getLicenseFromSecret")
     secret := &corev1.Secret{}
     ctx := context.TODO()

-    err := kubeClient.Get(ctx, client.ObjectKey{Name: secretName, Namespace: "default"}, secret)
+    err := kubeClient.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, secret)
     if err != nil {
         log.Error(err, "Error retrieving secret", "secretName", secretName)
-        return ""
+        return "", err
     }

     if secret.Data == nil {
         log.Info("Secret has no data", "secretName", secretName)
-        return ""
+        return "", fmt.Errorf("secret %q has no data", secretName)
     }

     license, exists := secret.Data[secretKey]
     if !exists {
         log.Info("Key not found in secret", "secretKey", secretKey, "secretName", secretName)
-        return ""
+        return "", fmt.Errorf("secret %q missing key %q", secretName, secretKey)
     }
     log.Info("Successfully retrieved license from secret", "secretName", secretName)
-    return string(license)
+    return string(license), nil
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6048c7b and 86203c0.

📒 Files selected for processing (1)

• pkg/wandb/spec/utils/license.go (1 hunks)

🔇 Additional comments (8)

pkg/wandb/spec/utils/license.go (8)

4-4: No concerns.

---

6-9: No concerns.

---

15-15: No concerns.

---

24-24: No concerns.

---

30-30: No concerns.

---

34-35: No concerns.

---

45-45: No concerns.

---

46-46: No concerns.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

pkg/wandb/spec/utils/license.go (2)

14-21: Consider adding context cancellation and timeout.

The Kubernetes client operations should have proper context management to prevent hanging in case of connectivity issues.

 func GetLicense(specs ...*spec.Spec) string {
 	log := ctrllog.Log.WithName("GetLicense")
+	ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
+	defer cancel()
 
-	kubeClient, err := createKubeClient()
+	kubeClient, err := createKubeClient(ctx)
 	if err != nil {
 		log.Error(err, "Error creating Kubernetes client")
 		return ""
 	}

---

23-41: Consider adding validation for secret parameters.

The secret name and key should be validated for length and format before making the Kubernetes API call.

 		secretName := s.Values.GetString("global.licenseSecret.name")
 		secretKey := s.Values.GetString("global.licenseSecret.key")
 		secretNamespace := s.Values.GetString("global.licenseSecret.namespace")
+		if len(secretName) > 253 || !isValidKubernetesName(secretName) {
+			log.Info("Invalid secret name", "secretName", secretName)
+			continue
+		}
+		if len(secretKey) == 0 {
+			log.Info("Empty secret key")
+			continue
+		}
 		if secretNamespace == "" {
 			secretNamespace = "default"
 		}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 86203c0 and 356c115.

📒 Files selected for processing (1)

• pkg/wandb/spec/utils/license.go (1 hunks)

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

pkg/wandb/spec/utils/license.go (2)

62-78: 🛠️ Refactor suggestion

Add context parameter to createKubeClient function.

The implementation follows the recommended pattern with proper validation and error handling, but doesn't accept a context parameter for propagating cancellation signals.

Apply this diff to improve the function:

-func createKubeClient() (client.Client, error) {
+func createKubeClient(ctx context.Context) (client.Client, error) {
 	kubeConfig, err := config.GetConfig()
 	if err != nil {
 		return nil, err
 	}
 	if kubeConfig.Host == "" {
 		return nil, fmt.Errorf("invalid kubernetes configuration: empty host")
 	}
 
 	kubeClient, err := client.New(kubeConfig, client.Options{
 		Scheme: scheme.Scheme,
 	})
 	if err != nil {
 		return nil, err
 	}
 	return kubeClient, nil
 }

---

80-107: 🛠️ Refactor suggestion

Use provided context instead of creating a new one.

The function should accept a context parameter instead of creating a new background context. This allows proper propagation of cancellation signals and request deadlines.

Apply this diff to improve context management:

-func getLicenseFromSecret(kubeClient client.Client, secretName, secretKey, secretNamespace string) string {
+func getLicenseFromSecret(ctx context.Context, kubeClient client.Client, secretName, secretKey, secretNamespace string) string {
 	log := ctrllog.Log.WithName("getLicenseFromSecret")
 	secret := &corev1.Secret{}
 
-	err := kubeClient.Get(context.Background(), client.ObjectKey{Name: secretName, Namespace: secretNamespace}, secret)
+	err := kubeClient.Get(ctx, client.ObjectKey{Name: secretName, Namespace: secretNamespace}, secret)
 	if err != nil {
 		log.Error(err, "Error retrieving secret")
 		return ""
 	}
 
 	if secret.Data == nil {
 		log.Info("Secret has no data")
 		return ""
 	}
 	license, exists := secret.Data[secretKey]
 	if !exists {
 		log.Info("Key not found in secret")
 		return ""
 	}
 
 	if len(license) == 0 {
 		log.Info("Empty license value in secret")
 		return ""
 	}
 
 	log.Info("Successfully retrieved license from secret")
 	return string(license)
 }

🧹 Nitpick comments (2)

pkg/wandb/spec/utils/license.go (2)

84-84: Add timeout for Kubernetes API calls.

The current implementation uses a context without a timeout for Kubernetes API calls, which could lead to hanging requests in case of network issues or an unresponsive API server.

Consider using a timeout context for the Kubernetes API call:

-	err := kubeClient.Get(context.Background(), client.ObjectKey{Name: secretName, Namespace: secretNamespace}, secret)
+	ctxWithTimeout, cancel := context.WithTimeout(ctx, 10*time.Second)
+	defer cancel()
+	err := kubeClient.Get(ctxWithTimeout, client.ObjectKey{Name: secretName, Namespace: secretNamespace}, secret)

Don't forget to add the time package to imports:

+	"time"

---

44-57: Add validation for secret configuration values.

The code doesn't validate that the retrieved values for secretName, secretKey, and secretNamespace meet minimum requirements before using them.

Add validation for the secret configuration values:

 		secretName := s.Values.GetString("global.licenseSecret.name")
 		secretKey := s.Values.GetString("global.licenseSecret.key")
 		secretNamespace := s.Values.GetString("global.licenseSecret.namespace")
 		if secretNamespace == "" {
 			secretNamespace = "default"
 		}
 
-		if secretName != "" && secretKey != "" {
+		if secretName == "" {
+			log.Info("Secret name is empty, skipping secret lookup")
+			continue
+		}
+		
+		if secretKey == "" {
+			log.Info("Secret key is empty, skipping secret lookup")
+			continue
+		}
+		
+		log.Info("Attempting to retrieve license from secret", "name", secretName, "namespace", secretNamespace)
 			license := getLicenseFromSecret(kubeClient, secretName, secretKey, secretNamespace)
 			if license != "" {
 				log.Info("License retrieved from Kubernetes secret")
 				return license
 			}
-		}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 531cf4b and f2033c9.

📒 Files selected for processing (1)

• pkg/wandb/spec/utils/license.go (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Test
• GitHub Check: Build
• GitHub Check: build-and-scan

[coderabbitai]

🛠️ Refactor suggestion

Enhance context propagation in GetLicense function.

The updated GetLicense function has improved logging and error handling, which is excellent. However, it doesn't accept a context parameter for proper cancellation signal propagation, which is passed down to lower-level functions.

Apply this diff to improve context management:

-func GetLicense(specs ...*spec.Spec) string {
+func GetLicense(ctx context.Context, specs ...*spec.Spec) string {
 	log := ctrllog.Log.WithName("GetLicense")
 
 	// First check if license is directly provided in values
 	for _, s := range specs {
 		if s == nil || s.Values == nil {
 			continue
 		}
 
 		license := s.Values.GetString("global.license")
 		if license != "" {
 			log.Info("License retrieved from values.yaml")
 			return license
 		}
 	}
 
 	// Then try to get from secret if no direct license was found
-	kubeClient, err := createKubeClient()
+	kubeClient, err := createKubeClient(ctx)
 	if err != nil {
 		log.Error(err, "Error creating Kubernetes client")
 		return ""
 	}
 
 	for _, s := range specs {
 		if s == nil || s.Values == nil {
 			continue
 		}
 
 		secretName := s.Values.GetString("global.licenseSecret.name")
 		secretKey := s.Values.GetString("global.licenseSecret.key")
 		secretNamespace := s.Values.GetString("global.licenseSecret.namespace")
 		if secretNamespace == "" {
 			secretNamespace = "default"
 		}
 
 		if secretName != "" && secretKey != "" {
-			license := getLicenseFromSecret(kubeClient, secretName, secretKey, secretNamespace)
+			license := getLicenseFromSecret(ctx, kubeClient, secretName, secretKey, secretNamespace)
 			if license != "" {
 				log.Info("License retrieved from Kubernetes secret")
 				return license
 			}
 		}
 	}
 	return ""
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	func GetLicense(specs ...*spec.Spec) string {
	log := ctrllog.Log.WithName("GetLicense")
	// First check if license is directly provided in values
	for _, s := range specs {
	if s == nil {
	continue
	}
	if s.Values == nil {
	if s == nil || s.Values == nil {
	continue
	}
	license := s.Values.GetString("global.license")
	if license != "" {
	log.Info("License retrieved from values.yaml")
	return license
	}
	}
	// Then try to get from secret if no direct license was found
	kubeClient, err := createKubeClient()
	if err != nil {
	log.Error(err, "Error creating Kubernetes client")
	return ""
	}
	for _, s := range specs {
	if s == nil || s.Values == nil {
	continue
	}
	secretName := s.Values.GetString("global.licenseSecret.name")
	secretKey := s.Values.GetString("global.licenseSecret.key")
	secretNamespace := s.Values.GetString("global.licenseSecret.namespace")
	if secretNamespace == "" {
	secretNamespace = "default"
	}
	if secretName != "" && secretKey != "" {
	license := getLicenseFromSecret(kubeClient, secretName, secretKey, secretNamespace)
	if license != "" {
	log.Info("License retrieved from Kubernetes secret")
	return license
	}
	}
	}
	return ""
	}
	func GetLicense(ctx context.Context, specs ...*spec.Spec) string {
	log := ctrllog.Log.WithName("GetLicense")
	// First check if license is directly provided in values
	for _, s := range specs {
	if s == nil || s.Values == nil {
	continue
	}
	license := s.Values.GetString("global.license")
	if license != "" {
	log.Info("License retrieved from values.yaml")
	return license
	}
	}
	// Then try to get from secret if no direct license was found
	kubeClient, err := createKubeClient(ctx)
	if err != nil {
	log.Error(err, "Error creating Kubernetes client")
	return ""
	}
	for _, s := range specs {
	if s == nil || s.Values == nil {
	continue
	}
	secretName := s.Values.GetString("global.licenseSecret.name")
	secretKey := s.Values.GetString("global.licenseSecret.key")
	secretNamespace := s.Values.GetString("global.licenseSecret.namespace")
	if secretNamespace == "" {
	secretNamespace = "default"
	}
	if secretName != "" && secretKey != "" {
	license := getLicenseFromSecret(ctx, kubeClient, secretName, secretKey, secretNamespace)
	if license != "" {
	log.Info("License retrieved from Kubernetes secret")
	return license
	}
	}
	}
	return ""
	}

[zacharyblasczyk]

@coderabbitai are we doing the ctx propagation elsewhere in the code? Or is this a new paradigm you are recommending?

[coderabbitai]

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Look for functions that accept a context parameter
echo "=== Functions accepting context parameters ==="
rg -t go "func.*\(.*context\.Context.*\)" --stats

# Find direct uses of context.Background()
echo -e "\n=== Direct uses of context.Background() ==="
rg -t go "context\.Background\(\)" --stats

# Look for context propagation patterns (functions that receive ctx and pass it to other functions)
echo -e "\n=== Context propagation patterns ==="
rg -t go "func.*\((ctx|context|c).*context\.Context.*\).*\{" -A 10 -B 2 | rg "(ctx|context|c).*\,"

# Check the imports in the current file to see if context is commonly imported
echo -e "\n=== Current file imports ==="
cat pkg/wandb/spec/utils/license.go | rg "import"

Length of output: 4739

---

@zacharyblasczyk Based on my search of the codebase, I can see that context propagation is used in several parts of the code, particularly in controllers like WeightsAndBiasesReconciler where functions accept and propagate a context parameter. However, it's not consistently applied throughout the codebase.

In your current implementation of getLicenseFromSecret, you're directly using context.Background() rather than propagating a context from the caller. This approach works but doesn't allow for proper cancellation signals to flow through the call stack.

Adding context propagation would align with Kubernetes controller-runtime best practices and the patterns already present in your controller code. It's not a completely new paradigm for your codebase, but rather making the pattern more consistent across your utilities.

Would you like me to suggest an updated implementation that maintains the current behavior while supporting context propagation?

[zacharyblasczyk]

@danielpanzella, do you have an opinion, I think for now this is fine. Giving approval.

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!

[jsbroks]

This PR is included in version 1.19.0 🎉