@farhadsalehi95 farhadsalehi95 commented Aug 21, 2025

  • Breaking change?
    Yes. Strict configuration validation has been added. Applications with missing or malformed rbac, auth, or kafka sections in the YAML configuration may fail to start or fail during runtime validation. Existing configurations may require updates.

Yes. This introduces stricter configuration validation at startup and during runtime. Applications with missing or malformed rbac, auth, or kafka sections in the YAML config will fail to start or trigger validation errors. Migration may require updating configuration files to match the expected structure.

What changes did you make? (Give an overview)

  • Added comprehensive startup configuration validation for YAML structure, RBAC, authentication, and Kafka cluster sections.
  • Enhanced RBAC validation to ensure roles are defined and typos in section names are caught.
  • Added HealthIndicator implementation to reflect configuration validity and validation-in-progress status.
  • Updated REST endpoints for validating and applying new configurations (restartWithConfig, validateConfig) with full validation.
  • Introduced helper methods for checking cluster validation and YAML section presence.
  • Improved logging for configuration validation failures.
  • Ensured atomic flags are used to manage validation state.

Is there anything you'd like reviewers to focus on?

  • Correctness of RBAC and YAML structure validation logic.
  • Thread-safety of configValid and validationInProgress flags.
  • Proper handling of cluster validation and fallback mechanisms.
  • Error handling and logging clarity for startup and runtime validation failures.

How Has This Been Tested? (put an "x" (case-sensitive!) next to an item)

  • No need to
  • Manually (tested with valid and invalid YAML configs, missing sections, and cluster validation failures)
  • Unit checks
  • Integration checks
  • Covered by existing automation

Checklist (put an "x" (case-sensitive!) next to all the items, otherwise the build will fail)

  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (e.g., ENVIRONMENT VARIABLES)
  • My changes generate no new warnings (e.g., Sonar is happy)
  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • Any dependent changes have been merged

Check out Contributing and Code of Conduct


@farhadsalehi95 farhadsalehi95 requested a review from a team as a code owner August 21, 2025 02:32
@kapybro kapybro bot added status/triage Issues pending maintainers triage status/triage/manual Manual triage in progress status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Aug 21, 2025
@github-actions github-actions bot left a comment

Hi farhadsalehi95! 👋

Welcome, and thank you for opening your first PR in the repo!

Please wait for triaging by our maintainers.

Please take a look at our contributing guide.

@Haarolean
Member

Thanks for the contribution. Unfortunately this change can’t be merged. It mixes multiple concerns (web controller, actuator health, startup lifecycle, yaml parsing), introduces blocking calls into reactive paths, and adds process-exit behavior during bean init. It also relies on reflection and hardcoded file locations, which isn’t compatible with our config model.

If you’re interested in pursuing config validation, please open a focused proposal first. Roughly what we’d accept:

  • A dedicated @Component implementing a readiness health contributor (no System.exit, no DOWN during in-progress)
  • Validation composed reactively without .block() in request paths
  • No direct snakeyaml file reads; use existing spring mechanics
  • Strict types (no reflection) and failure-fast semantics (don’t silently coerce invalid config)
  • Tests

Closing this for now. Happy to review a scoped design doc.

@Haarolean Haarolean closed this Aug 21, 2025
@Haarolean Haarolean mentioned this pull request Aug 25, 2025
13 tasks
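
A sketch of the shape the review comment above asks for, added here as an illustration and not taken from this PR or from the project: a dedicated component exposing validation state as a reactive health contributor, with no `System.exit`, no `.block()`, and no DOWN status while validation is running. It assumes Spring Boot 3.x actuator package names and Project Reactor; `ConfigValidator` and `ConfigValidationHealthIndicator` are hypothetical names, and reporting invalid config as OUT_OF_SERVICE is a choice made for this example.

```java
import java.util.List;
import java.util.concurrent.atomic.AtomicReference;
import org.springframework.boot.actuate.health.Health;
import org.springframework.boot.actuate.health.ReactiveHealthIndicator;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Component;
import reactor.core.publisher.Mono;

/** Hypothetical contract: emits the list of validation errors, empty when the config is valid. */
interface ConfigValidator {
  Mono<List<String>> validate();
}

@Component // contributor name is derived from the bean name: "configValidation"
class ConfigValidationHealthIndicator implements ReactiveHealthIndicator {

  private static final Health IN_PROGRESS =
      Health.unknown().withDetail("validation", "in progress").build();

  private final ConfigValidator validator;
  private final AtomicReference<Health> current = new AtomicReference<>(IN_PROGRESS);

  ConfigValidationHealthIndicator(ConfigValidator validator) {
    this.validator = validator;
  }

  /** Validation as a reactive chain; callers return or subscribe to it, never block() on it. */
  Mono<Health> revalidate() {
    return Mono.defer(() -> {
          current.set(IN_PROGRESS); // UNKNOWN, not DOWN, while the check runs
          return validator.validate();
        })
        .map(errors -> errors.isEmpty()
            ? Health.up().build()
            : Health.outOfService().withDetail("errors", errors).build())
        // A validator failure becomes a health state, not a process exit.
        .onErrorResume(e -> Mono.just(Health.outOfService().withException(e).build()))
        .doOnNext(current::set);
  }

  @EventListener(ApplicationReadyEvent.class)
  void validateOnStartup() {
    revalidate().subscribe(); // non-blocking; the result lands in `current`
  }

  @Override
  public Mono<Health> health() {
    return Mono.fromSupplier(current::get);
  }
}
```

A WebFlux handler that re-checks configuration would return the `Mono` from `revalidate()` directly, so the request path stays non-blocking.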