chore: disable pdbs for dps

[pratapaprasanna]

Summary by CodeRabbit

• New Features

  • Introduced a new configuration option for deployment flexibility.

• Bug Fixes

  • Enhanced error handling and cleanup procedures during deployment.

[coderabbitai]

Walkthrough

The deploy_preview.sh script has been updated to enhance deployment flexibility and resource management in a Kubernetes environment. The changes focus on modifying the Helm chart deployment process by adding a new configuration option to disable pod disruption budgets. The script now includes improved error handling and cleanup mechanisms, specifically for managing Kubernetes namespaces and persistent volumes when the RECREATE environment variable is set.

Changes

File	Change Summary
scripts/deploy_preview.sh	- Added Helm chart option --set podDisruptionBudgets.enabled=false - Enhanced error handling and cleanup procedures - Expanded namespace and persistent volume deletion logic

Poem

🚀 Deployment dance, a script so bright
Kubernetes pods take gentle flight
Budgets disabled, resources clear
Preview magic drawing near
Helm charts singing, clean and light! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🔭 Outside diff range comments (3)

scripts/deploy_preview.sh (3)

Line range hint 3-31: Enhance AWS credentials security and error handling

The AWS credentials handling needs improvement in several areas:

1. Add error handling for the aws sts assume-role command
2. Set restrictive permissions on AWS config file
3. Consider using AWS SDK environment variables instead of config file

Apply this improvement:

 mkdir ~/.aws; touch ~/.aws/config
+chmod 600 ~/.aws/config
 
-sts_output="$(aws sts assume-role --role-arn "$AWS_ROLE_ARN" --role-session-name ekscisession)"
+sts_output="$(aws sts assume-role --role-arn "$AWS_ROLE_ARN" --role-session-name ekscisession)" || {
+  echo "Failed to assume role"
+  exit 1
+}

---

Line range hint 39-54: Improve cleanup reliability and error handling

The cleanup process needs better error handling and race condition prevention.

Apply these improvements:

 if [[ -n "${RECREATE-}" ]]
 then
-  mongosh "mongodb+srv://$DB_USERNAME:$DB_PASSWORD@$DB_URL/$DBNAME?retryWrites=true&minPoolSize=1&maxPoolSize=10&maxIdleTimeMS=900000&authSource=admin" --eval 'db.dropDatabase()'
+  mongosh "mongodb+srv://$DB_USERNAME:$DB_PASSWORD@$DB_URL/$DBNAME?retryWrites=true&minPoolSize=1&maxPoolSize=10&maxIdleTimeMS=900000&authSource=admin" --eval 'db.dropDatabase()' || {
+    echo "Failed to drop database"
+    exit 1
+  }
-  pod_name="$(kubectl get pods -n "$NAMESPACE" -o json | jq '.items[0].metadata.name' | tr -d '"')"
+  pod_name="$(kubectl get pods -n "$NAMESPACE" -o json | jq -r '.items[0].metadata.name')" || {
+    echo "No pods found in namespace $NAMESPACE"
+    exit 1
+  }

---

Line range hint 102-108: Consider externalizing sensitive configuration

The script contains sensitive configuration values that should be moved to a secure configuration management system:

• Sentry DSN
• MongoDB connection string
• Customer portal URL

🧹 Nitpick comments (1)

scripts/deploy_preview.sh (1)

Line range hint 47-54: Remove or implement commented EFS access point code

The commented code for EFS access points should either be implemented or removed to maintain code clarity.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a3e9967 and ca8eaa0.

📒 Files selected for processing (1)

• scripts/deploy_preview.sh (1 hunks)

🔇 Additional comments (1)

scripts/deploy_preview.sh (1)

101-101: Verify impact of disabled pod disruption budgets

Disabling pod disruption budgets might affect application availability during node maintenance or scaling events.

Run this script to check current PDB usage:

✅ Verification successful

Let me search for PDB-related configurations in the codebase to understand the impact of disabling them.

---

Disabling PDBs is acceptable for preview deployments

The PDB configuration is being disabled in a preview deployment script (deploy_preview.sh), which is appropriate since:

• This is a preview environment, not production
• The StatefulSet configuration exists but preview deployments typically don't require high availability guarantees
• Resource requests are minimal (1m CPU), indicating this is a non-critical environment

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check current PDB configuration and pod distribution
kubectl get pdb -n "$NAMESPACE" -o wide
kubectl get pods -n "$NAMESPACE" -o wide --show-labels

Length of output: 274

---

Script:

#!/bin/bash
# Search for PDB configurations in Helm charts and values files
fd -e yaml -e yml | xargs rg -l "podDisruptionBudget|PodDisruptionBudget" 

# Check if there are any other instances of PDB configuration
rg -i "podDisruptionBudget" -A 3 -B 3

# Look for deployment configurations that might be affected
fd -e yaml -e yml | xargs rg "kind:\s+(Deployment|StatefulSet)"

Length of output: 959

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

scripts/deploy_preview.sh (1)

Line range hint 39-44: Enhance error handling in cleanup section

The current error handling might mask real issues. Consider:

1. Adding error checks for database operations
2. Logging cleanup failures
3. Implementing the commented EFS access point cleanup

if [[ -n "${RECREATE-}" ]]
then
+  echo "Starting cleanup process..."
+  if ! mongosh "mongodb+srv://$DB_USERNAME:$DB_PASSWORD@$DB_URL/$DBNAME?retryWrites=true&minPoolSize=1&maxPoolSize=10&maxIdleTimeMS=900000&authSource=admin" --eval 'db.dropDatabase()'; then
+    echo "Warning: Database cleanup failed"
+  fi
   pod_name="$(kubectl get pods -n "$NAMESPACE" -o json | jq '.items[0].metadata.name' | tr -d '"')"
-  kubectl exec "$pod_name" -n "$NAMESPACE" -- bash -c "rm -rf /appsmith-stacks/*"
+  if ! kubectl exec "$pod_name" -n "$NAMESPACE" -- bash -c "rm -rf /appsmith-stacks/*"; then
+    echo "Warning: Failed to clean up appsmith-stacks"
+  fi

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a3e9967 and ca8eaa0.

📒 Files selected for processing (1)

• scripts/deploy_preview.sh (1 hunks)

🔇 Additional comments (1)

scripts/deploy_preview.sh (1)

101-101: LGTM: Disabling PDBs is appropriate for preview environments

The change aligns with the deployment preview use case where high availability guarantees aren't critical.

Let's verify the PDB configuration in the Helm chart:

✅ Verification successful

Disabling PDBs is safe for preview environments

The Helm chart values file doesn't explicitly define PDB configurations, which means the --set podDisruptionBudgets.enabled=false flag will safely override any default PDB settings without side effects. This is appropriate for preview environments where high availability isn't critical.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Verify PDB configuration in the Helm chart
helm show values appsmith-ee/appsmith | grep -A 5 "podDisruptionBudgets"

Length of output: 167

---

Script:

#!/bin/bash
# Let's search for PDB-related configurations in yaml files
rg -l "podDisruptionBudgets?" --type yaml

# Check the content of any helm chart values files
fd "values.ya?ml" --type f --exec cat {}

Length of output: 10159

[coderabbitai]

🛠️ Refactor suggestion

Consider adjusting the CPU request

The CPU request of 1m is extremely low and might cause scheduling issues. Consider setting it to a more realistic value like "100m" for better pod scheduling.

-  --set resources.requests.cpu="1m" \
+  --set resources.requests.cpu="100m" \
   --set resources.requests.memory="2048Mi" \

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	--set resources.requests.cpu="1m" \
	--set resources.requests.memory="2048Mi" \
	--set resources.requests.cpu="100m" \
	--set resources.requests.memory="2048Mi" \