Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary of Changes
Hello @roderik, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
This pull request introduces a significant feature allowing users to provide pre-existing Besu network artifacts instead of relying on the chart's bootstrapper job to generate them. This enhances flexibility for deploying Besu networks by enabling the use of custom or externally managed network configurations, thereby streamlining deployments where artifact generation is handled outside the Helm chart.
Highlights
- External Artifact Sourcing: Introduced a new configuration option (
artifacts.source) to allow users to choose between generating network artifacts or providing them externally. - Kubernetes Resource Generation: Added support for supplying external Besu network artifacts (genesis, static nodes, validator keys, faucet details) via Helm values, which are then rendered into Kubernetes ConfigMaps and Secrets.
- Conditional Bootstrapper Job: Modified the bootstrapper job to be conditionally disabled when external artifacts are provided, preventing redundant generation and streamlining deployments.
- Documentation and Configuration Updates: Updated the
README.mdandvalues.yamlfiles to clearly document the newartifacts.sourceandartifacts.externalconfiguration options and their usage.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in pull request comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
|
To view in Slack, search for: 1758125345.705619 |
github-actions
Bot
added
the
status:ready-for-review
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hey there - I've reviewed your changes and they look great!
Prompt for AI Agents
Please address the comments from this code review:
## Individual Comments
### Comment 1
<location> `charts/network/charts/network-bootstrapper/templates/external-artifacts.yaml:10` </location>
<code_context>
+{{- $validators := get $external "validators" -}}
+{{- $faucet := get $external "faucet" -}}
+{{- if not $genesis }}{{ fail "artifacts.external.genesis must be provided when artifacts.source is 'external'." }}{{- end }}
+{{- if not $staticNodes }}{{ fail "artifacts.external.staticNodes must include at least one enode when artifacts.source is 'external'." }}{{- end }}
+{{- if not $validators }}{{ fail "artifacts.external.validators must include at least one entry when artifacts.source is 'external'." }}{{- end }}
+{{- if not ($faucet.address) }}{{ fail "artifacts.external.faucet.address must be set when artifacts.source is 'external'." }}{{- end }}
</code_context>
<issue_to_address>
**issue:** The staticNodes check will fail if the value is an empty list.
Since an empty list is considered falsy, the current check may fail even when staticNodes is present but empty. Use a length check to ensure the list contains at least one enode.
</issue_to_address>Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
| {{- $validators := get $external "validators" -}} | ||
| {{- $faucet := get $external "faucet" -}} | ||
| {{- if not $genesis }}{{ fail "artifacts.external.genesis must be provided when artifacts.source is 'external'." }}{{- end }} | ||
| {{- if not $staticNodes }}{{ fail "artifacts.external.staticNodes must include at least one enode when artifacts.source is 'external'." }}{{- end }} |
There was a problem hiding this comment.
issue: The staticNodes check will fail if the value is an empty list.
Since an empty list is considered falsy, the current check may fail even when staticNodes is present but empty. Use a length check to ensure the list contains at least one enode.
github-actions
Bot
added
qa:success
There was a problem hiding this comment.
Code Review
This pull request introduces a valuable feature to allow sourcing Besu network artifacts externally, which increases the flexibility of the Helm chart. The changes are well-structured, with a new template for external artifacts, conditional rendering of the bootstrapper job, and corresponding updates to values.yaml and the README.md.
My review focuses on the new external-artifacts.yaml template. I've identified a couple of issues in the validation logic that could lead to incorrect behavior or template rendering errors. Specifically, the checks for empty lists/objects are not effective, and there's a risk of a nil pointer error when handling the faucet configuration. I've provided suggestions to make the validation more robust.
Once these points are addressed, the implementation will be solid.
| {{- $genesis := get $external "genesis" -}} | ||
| {{- $staticNodes := get $external "staticNodes" -}} | ||
| {{- $validators := get $external "validators" -}} | ||
| {{- $faucet := get $external "faucet" -}} |
There was a problem hiding this comment.
Accessing properties on $faucet can cause a template execution error if artifacts.external.faucet is not defined in the user's values. In that case, $faucet would be nil, and any attempt like $faucet.address on line 12 would cause a nil pointer error. To make this more robust, you can ensure $faucet is always a dictionary by providing a default.
{{- $faucet := get $external "faucet" | default dict -}}| {{- if not $genesis }}{{ fail "artifacts.external.genesis must be provided when artifacts.source is 'external'." }}{{- end }} | ||
| {{- if not $staticNodes }}{{ fail "artifacts.external.staticNodes must include at least one enode when artifacts.source is 'external'." }}{{- end }} | ||
| {{- if not $validators }}{{ fail "artifacts.external.validators must include at least one entry when artifacts.source is 'external'." }}{{- end }} |
There was a problem hiding this comment.
These validation checks for genesis, staticNodes, and validators are not robust. The if not ... check only fails if the value is nil, but it passes for an empty map ({}) or an empty list ([]). However, the failure messages state that these should not be empty, which could lead to the chart rendering with incomplete configuration when artifacts.source is external. You should check the length of these values to ensure they are not empty.
{{- if le (len $genesis) 0 }}{{ fail "artifacts.external.genesis must be a non-empty object when artifacts.source is 'external'." }}{{- end }}
{{- if le (len $staticNodes) 0 }}{{ fail "artifacts.external.staticNodes must include at least one enode when artifacts.source is 'external'." }}{{- end }}
{{- if le (len $validators) 0 }}{{ fail "artifacts.external.validators must include at least one entry when artifacts.source is 'external'." }}{{- end }}![seer-by-sentry[bot]](https://avatars.githubusercontent.com/in/801464?s=60&v=4){kind=small}
| {{- if not ($faucet.address) }}{{ fail "artifacts.external.faucet.address must be set when artifacts.source is 'external'." }}{{- end }} | ||
| {{- if not ($faucet.publicKey) }}{{ fail "artifacts.external.faucet.publicKey must be set when artifacts.source is 'external'." }}{{- end }} | ||
| {{- if not ($faucet.privateKey) }}{{ fail "artifacts.external.faucet.privateKey must be set when artifacts.source is 'external'." }}{{- end }} |
There was a problem hiding this comment.
Potential bug: The template accesses fields on the $faucet variable without verifying the faucet key exists, which can cause a template rendering crash if the key is omitted from user configuration.
-
Description: When
artifacts.sourceis set to'external', the Helm template retrieves thefaucetconfiguration usingget $external "faucet". If a user provides anartifacts.externalobject in their values but omits thefaucetkey, thegetfunction returns an empty string. The subsequent code then attempts to access fields like.addresson this empty string ($faucet.address). In Go templates, which Helm uses, accessing a field on a non-map/non-struct type like a string results in a template rendering error, which will cause the Helm deployment to fail. -
Suggested fix: Modify the variable assignment to provide a default empty dictionary if the
faucetkey is missing. Change{{- $faucet := get $external "faucet" -}}to{{- $faucet := get $external "faucet" | default (dict) -}}. This ensures$faucetis always a dictionary, allowing the subsequent validationif not ($faucet.address)to execute safely without causing a rendering error.
severity: 0.75, confidence: 0.9
Did we get this right? 👍 / 👎 to inform future reviews.
roderik
force-pushed
the
feat/external-artifacts-mode
branch
from
b1780a8 to
d59eb99
Compare
github-actions
Bot
added
qa:running
roderik
force-pushed
the
feat/external-artifacts-mode
branch
from
d59eb99 to
5d4b83d
Compare
github-actions
Bot
added
qa:running
roderik
force-pushed
the
feat/external-artifacts-mode
branch
from
5d4b83d to
9074711
Compare
github-actions
Bot
added
qa:running
roderik
force-pushed
the
feat/external-artifacts-mode
branch
from
9074711 to
f72b8a4
Compare
github-actions
Bot
added
qa:running
roderik
force-pushed
the
feat/external-artifacts-mode
branch
from
f72b8a4 to
6bc927a
Compare
github-actions
Bot
added
qa:running
github-actions
Bot
added
status:merged
* origin/main: feat: support external artifact sourcing (#9) # Conflicts: # charts/network/charts/network-nodes/templates/_helpers.tpl
1 participant
Summary
Testing