feat(helm/gha-runner-scale-set-experimental): add $extra field passthrough for runner container in dind and kubernetes modes#4477
Conversation
… and kubernetes modes Mirror the pattern already used in mode-empty and the dind sidecar container: read runner.container as a map, validate known fields, and pass any unrecognised keys (e.g. securityContext, resources, imagePullPolicy) through to the rendered container spec via $extra = omit ... | toYaml. Includes input validation (map/list/unsupported-key guards) and 14 new helm-unittest test cases (7 per mode) covering passthrough, name-override suppression, and validation failure paths.
stokkie90
requested review from
a team,
Steve-Glass,
mumoshu,
nikola-jokic,
rentziass and
toast-gear
as code owners
Add commented examples for env, volumeMounts, args, securityContext, and resources under runner.container, mirroring the existing style of the runner.dind.container section.
There was a problem hiding this comment.
Pull request overview
Adds runner.container “extra fields” passthrough for the runner container when using runner.mode: dind and runner.mode: kubernetes, aligning these modes with the existing “mode-empty” behavior and improving configurability of the runner container spec.
Changes:
- Add
omit ... | toYamlpassthrough for non-explicitly-renderedrunner.containerfields in dind + kubernetes runner container templates (while ignoringrunner.container.name). - Add type-guard validation for
runner.containerand selected fields (env,volumeMounts,args,securityContext, and disallowvolumes) in both modes. - Add helm-unittest coverage for passthrough behavior + validation failure paths in both modes.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| charts/gha-runner-scale-set-experimental/templates/_mode_kubernetes.tpl | Adds validation and $extra passthrough injection for the kubernetes-mode runner container. |
| charts/gha-runner-scale-set-experimental/templates/_mode_dind.tpl | Adds validation and $extra passthrough injection for the dind-mode runner container. |
| charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_kubernetes_mode_spec_test.yaml | Adds unit tests covering kubernetes-mode passthrough, name-override suppression, and validation errors. |
| charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_dind_mode_spec_test.yaml | Adds unit tests covering dind-mode passthrough, name-override suppression, and validation errors. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
We would love to be able to extends |
Extract the six runner.container type-guard checks into a reusable named template 'runner.container.validate' in _defaults.tpl. Both _mode_dind.tpl and _mode_kubernetes.tpl now call this helper instead of duplicating the block, preventing future drift. Also fixes _mode_dind.tpl to use $runner := (.Values.runner | default dict) before accessing runner.container, making the failure mode consistent with kubernetes mode when runner itself is overridden to a non-map.
|
Addressed both Copilot review comments:
All 171 tests continue to pass. |
Summary
dindandkubernetesmodes, the runner container template now readsrunner.containeras a map and passes any fields not explicitly rendered (securityContext,resources,imagePullPolicy,args, etc.) through to the container spec via the$extra = omit ... | toYamlpattern.mode: ""(empty mode) via_mode_empty.tpl, and in the dind sidecar container in_mode_dind.tpl.runner.containermust be a map,env/volumeMounts/argsmust be lists,securityContextmust be a map, andvolumesis rejected with a clear error pointing torunner.pod.spec.volumes.Risks & rollout
runner.containerare unaffected (the map defaults to{}).namekey inrunner.containeris silently ignored to preserve the hardcodedrunnercontainer name.Validation
helm-unittesttest cases added (7 per mode) covering: extra field passthrough, name-override suppression, and all validation failure paths.