Support array index notation in --set flag

[porridge]

Summary

• Replace custom path parsing (strings.Split + unstructured.SetNestedField) with Helm's strvals.Parse, which handles the full --set syntax including bracket notation like central.spec.central.defaultTLSSecret[0].name=frontend-cert
• Previously this would fail with unknown field "spec.central.defaultTLSSecret[0]" because [0] was treated as part of the map key

Test plan

• Existing --set tests pass (backward compatible)
• New test for array index notation
• go build ./..., go vet ./..., go mod tidy clean

🤖 Generated with Claude Code

Summary by CodeRabbit

• New Features
  • The --set flag now supports array index notation (for example, ...field[0].name=...) when updating deployment configuration.
• Bug Fixes
  • Improved --set parsing for key.path=value updates for more consistent value handling.
  • --set now rejects updates that target spec paths to prevent unintended configuration changes.
• Chores
  • Updated project dependencies, including Kubernetes API machinery, container registry tooling, and related libraries.

[coderabbitai]

📝 Walkthrough

Walkthrough

The --set flag handler in cmd/deploy.go replaces manual YAML unmarshalling and unstructured.SetNestedField logic with strvals.Parse, enabling array index notation in set expressions. Tests are added to verify array index notation and to validate rejection of spec. prefix assignments. go.mod receives several direct and indirect dependency version bumps, including a new sigs.k8s.io/yaml indirect entry.

Changes

--set flag parsing refactor and dependency updates

Layer / File(s)	Summary
strvals.Parse replaces manual YAML parsing cmd/deploy.go	Imports reordered to include strvals and remove unstructured; the --set handler drops manual YAML unmarshalling, int-to-float64 normalization, and unstructured.SetNestedField, delegating to strvals.Parse(expr) to produce the unstructured patch directly. Format validation and spec. prefix rejection are retained.
Test for array index notation cmd/deploy_test.go	TestNewDeployCmd_Flags gains a case passing defaultTLSSecret[0].name=frontend-cert via --set and asserting the resulting cfg.Central.Spec contains the correct nested slice/map structure.
Test for spec. prefix rejection cmd/deploy_test.go	New TestNewDeployCmd_SetRejectsSpec validates that --set inputs targeting spec. paths return an error message containing "spec".
Dependency version bumps go.mod	golang.org/x/term and k8s.io/apimachinery bumped in direct requirements; docker-credential-helpers, go.yaml.in/yaml/v2, and multiple golang.org/x/* modules updated in indirect requirements; sigs.k8s.io/yaml v1.6.0 added as a new indirect entry.

Sequence Diagram

(None—these are straightforward parsing and validation updates without complex multi-component orchestration flows.)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Suggested reviewers

• vladbologa

Poem

🐇 Hop, hop, the flag now knows
Array index notation flows,
strvals.Parse takes the wheel,
Nested maps with slice appeal—
No more int-to-float juggling here,
Just clean patches, crystal clear! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title 'Support array index notation in --set flag' directly and clearly describes the main change—adding array index notation support to the --set flag via strvals.Parse.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch nested-set

---

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@cmd/deploy.go`:
- Around line 140-149: The prefix validation for the "spec." guard only checks
the first key extracted from the expression before the equals sign, but
strvals.Parse handles comma-delimited multi-assignment expressions that can
contain multiple key=value pairs. To fix this, validate all keys in the
expression, not just the first one: split the entire expr by commas to extract
each individual assignment, validate that none of the keys in any of these
assignments start with "spec." (checking the portion before each equals sign),
and then proceed with the strvals.Parse call. This ensures that expressions like
"central.a=1,spec.b=2" properly reject the second assignment instead of only
validating the first key.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Enterprise

Run ID: 1160977c-6262-46fb-a784-292b8bc0ba9f

📥 Commits

Reviewing files that changed from the base of the PR and between 6887804 and 494672c.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (3)

• cmd/deploy.go
• cmd/deploy_test.go
• go.mod

[coderabbitai]

🧹 Nitpick comments (1)

cmd/deploy_test.go (1)

263-267: 🗄️ Data Integrity & Integration | 🔵 Trivial | ⚡ Quick win

Assert config is unchanged after rejected --set.

At Line 265, you already assert an error for forbidden spec paths, but the test doesn’t verify state safety. Add an assertion that cfg is still the default config to prevent silent partial-mutation regressions.

Proposed test hardening

 		t.Run(tt.name, func(t *testing.T) {
 			cfg := deployer.NewConfig()
+			initial := deployer.NewConfig()
 			cmd := newDeployCmd(&cfg)
 			err := cmd.ParseFlags(tt.args)
 			require.Error(t, err)
 			assert.Contains(t, err.Error(), "spec")
+			assert.Equal(t, initial, cfg)
 		})
 	}
 }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@cmd/deploy_test.go` around lines 263 - 267, The test verifies that ParseFlags
rejects the forbidden spec path but doesn't ensure the config remains in its
default state. After the existing require.Error and assert.Contains assertions
in this test block, add an assertion that compares the cfg variable to a freshly
created default config (created the same way as the initial cfg :=
deployer.NewConfig() at the start of the test) to verify that no partial
mutations occurred during the failed ParseFlags call.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@cmd/deploy_test.go`:
- Around line 263-267: The test verifies that ParseFlags rejects the forbidden
spec path but doesn't ensure the config remains in its default state. After the
existing require.Error and assert.Contains assertions in this test block, add an
assertion that compares the cfg variable to a freshly created default config
(created the same way as the initial cfg := deployer.NewConfig() at the start of
the test) to verify that no partial mutations occurred during the failed
ParseFlags call.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Enterprise

Run ID: 688497f4-bd89-4aed-879b-9d3096090a79

📥 Commits

Reviewing files that changed from the base of the PR and between d6a2882 and 747797a.

📒 Files selected for processing (2)

• cmd/deploy.go
• cmd/deploy_test.go

🚧 Files skipped from review as they are similar to previous changes (1)

• cmd/deploy.go