feat(base-cluster/monitoring/alertmanager)!: add receiver and route configuration capabilities #1600

tasches · 2025-07-21T13:20:01Z

Summary by CodeRabbit

New Features
- Introduced support for multiple alert receivers, including named email receivers with customizable SMTP settings.
- Added ability to configure custom alert routing rules and specify a default alert receiver.
- Enhanced validation for alert receiver configuration, including stricter checks on integration keys.
- Added a network policy to allow Alertmanager egress traffic to configured email receiver hosts.
Refactor
- Simplified and improved Alertmanager configuration logic for easier management of receivers and routes.
- Removed explicit enablement flags for receivers, streamlining configuration.
Chores
- Updated sample configuration files to demonstrate new receiver and routing capabilities.

coderabbitai · 2025-07-21T13:20:08Z

"""

Walkthrough

The changes overhaul the Alertmanager configuration in the Helm chart, introducing support for multiple receiver types (PagerDuty, email), stricter validation and schema constraints, dynamic receiver and routing configuration, and removal of explicit enablement flags. The configuration files and schema are updated to reflect these new structures and validation requirements. Additionally, a new Cilium network policy manifest for Alertmanager email egress is added.

Changes

File(s)	Summary
charts/base-cluster/ci/artifacthub-values.yaml charts/base-cluster/ci/pagerduty-values.yaml	Removed `enabled: true` from PagerDuty receiver; updated `integrationKey` value.
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml	Refactored Alertmanager config: dynamic receiver construction, recursive route validation, removed hardcoded PagerDuty.
charts/base-cluster/values.schema.json	Enhanced schema: stricter PagerDuty validation, added email receiver support, added routing, new defaultReceiver prop.
charts/base-cluster/values.yaml	Removed explicit PagerDuty receiver; set defaultReceiver dynamically; cleared receivers and routes.
charts/base-cluster/ci/alertmanager-values.yaml	Added new config: two email receivers, defaultReceiver set, custom routing for test namespace alerts.
charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml	Added new CiliumNetworkPolicy manifest for Alertmanager email egress, dynamically allowing egress to email hosts.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Helm Chart
    participant Alertmanager

    User->>Helm Chart: Provide values.yaml with receivers/routes/defaultReceiver
    Helm Chart->>Helm Chart: Validate receivers and routes (recursive check)
    Helm Chart->>Alertmanager: Render config with dynamic receivers and routes
    Alertmanager-->>Helm Chart: Accepts config if validation passes

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~40 minutes

Suggested reviewers

marvinWolff

Poem

A rabbit hops through configs anew,
With emails and pagers in the queue.
Receivers now dance in dynamic array,
Routing alerts in a clever new way.
Schema’s more strict, validation in tow—
This bunny’s delighted to see it all flow!
🐇💌🔔
"""

Note

⚡️ Unit Test Generation is now available in beta!

Learn more here, or try it out under "Finishing Touches" below.

✨ Finishing Touches

🧪 Generate unit tests

Create PR with unit tests
Post copyable unit tests in a comment
Commit unit tests in branch feat/alertmanager-config

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Explain this complex logic.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai explain this code block.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and explain its main purpose.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate docstrings to generate docstrings for this PR.
@coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
@coderabbitai generate unit tests to generate unit tests for this PR.
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

coderabbitai

Actionable comments posted: 3

♻️ Duplicate comments (1)

charts/base-cluster/ci/pagerduty-values.yaml (1)
4-7: Same 32-char length issue as in artifacthub values

The placeholder is 30 chars – adjust to keep CI green.
-          integrationKey: INTEGRATION_KEY__INTEGRATION_KEY
+          integrationKey: 00000000000000000000000000000000

🧹 Nitpick comments (4)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

81-83: route.receiver emitted even when only the “null” sink exists

$receivers always contains the pre-seeded "null" entry, so the if $receivers guard is always true and a route with receiver "null" is emitted even when no real receivers are configured.
Consider switching the condition to if gt (len $receivers) 1 or checking .Values.monitoring.prometheus.alertmanager.receivers instead to avoid suprisingly enabled Alertmanager.

charts/base-cluster/values.yaml (1)

298-300: Default receiver falls back to literal "null"

If no PagerDuty receiver exists, .defaultReceiver becomes the string "null".
Because a dummy "null" receiver is injected, this works technically, but a clearer fallback could be the first configured receiver or an empty string to surface mis-configuration early.
charts/base-cluster/values.schema.json (2)
723-730: PagerDuty integrationKey should restrict the character set

Length is enforced, but not content. PagerDuty keys are URL-safe base-32 (A-Z, a-z, 0-9).
Consider tightening the schema with a pattern so accidental whitespace or separators are caught at validation time.
-                          "minLength": 32,
-                          "maxLength": 32
+                          "minLength": 32,
+                          "maxLength": 32,
+                          "pattern": "^[A-Za-z0-9]{32}$"
1713-1715: External $defs dependency might introduce brittle builds

Depending on a remote GitHub raw link ties chart installation to network availability and the exact upstream schema structure. Consider vendoring the snippet or pinning to a commit SHA to prevent silent breakage if the file layout changes.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eec214f and bac28d1.

📒 Files selected for processing (5)

charts/base-cluster/ci/artifacthub-values.yaml (1 hunks)
charts/base-cluster/ci/pagerduty-values.yaml (1 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/values.schema.json (2 hunks)
charts/base-cluster/values.yaml (1 hunks)

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (6)

GitHub Check: Validate Title
GitHub Check: Validate README changes (base-cluster)
GitHub Check: wait-for-checks
GitHub Check: Update release-please config file for a possibly new chart
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

🔇 Additional comments (2)

charts/base-cluster/ci/artifacthub-values.yaml (1)

41-44: Placeholder integration key violates new 32-char schema constraint

INTEGRATION_KEY__INTEGRATION_KEY is only 30 characters, so Helm-schema validation will now fail.
Provide a dummy value with exactly 32 printable characters or fetch a real key via CI secrets.
-          integrationKey: INTEGRATION_KEY__INTEGRATION_KEY
+#         32-character placeholder, adjust in CI
+          integrationKey: 00000000000000000000000000000000
Likely an incorrect or invalid review comment.
charts/base-cluster/values.schema.json (1)

774-776: Verify external $ref path for routes

The schema defers to #/$defs/alertmanagerConfigRoute, which in turn references a remote URL. Please double-check that the referenced path (…/values.schema.json#/properties/config/properties/route) still exists in the upstream repo; breaking URLs cause Helm-lint failures.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

charts/base-cluster/values.schema.json

charts/base-cluster/values.yaml

charts/base-cluster/values.schema.json

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

charts/base-cluster/values.schema.json

coderabbitai

Actionable comments posted: 2

♻️ Duplicate comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)
43-50: Receiver type extraction – $name still mutated, risking inconsistencies

Inside the loop $name is reassigned after determining $type.
Down-stream template logic (e.g. $receivers = set … $name) relies on the mutated value, while other places (see lines 87-89) expect the original key.
Keeping two variables but mutating one of them is error-prone and hard to reason about.

A safer pattern is to keep the original key untouched and work exclusively with $type / $displayName derived from it:
-  {{- range $name, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
-    {{- $type := $name -}}
-    {{- $splitted := splitList $name " " -}}
-    {{- if ge (len $splitted) 2 -}}
-      {{- $type = index $splitted 0 -}}
-      {{- $name = index $splitted 1 -}}
-    {{- end -}}
+  {{- range $rawName, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
+    {{- $parts := splitList $rawName " " -}}
+    {{- $type := index $parts 0 -}}
+    {{- $displayName := ternary (index $parts 1) $type (ge (len $parts) 2) -}}
This removes side-effects and makes it clear which variable represents what.
(Subsequent template lines must of course switch from $name to $displayName.)

🧹 Nitpick comments (2)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2)
62-75: Parity between e-mail and PagerDuty receivers

After applying the above change, remember to align the e-mail branch (eq $type "email") so both receiver types follow the same $displayName convention.
This ensures defaultReceiver values and custom routes can reference either type uniformly.

83-85: if $receivers guard is redundant – dict is never empty

$receivers is initialised with a "null" receiver (line 31), therefore the if $receivers condition is always truthy.
The extra guard adds noise without any functional benefit and can be removed:
-  {{- if $receivers }}
     receiver: {{ include "common.tplvalues.render" (dict "value" .Values.monitoring.prometheus.alertmanager.defaultReceiver "context" .) | quote }}
-  {{- end }}

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bac28d1 and 1bb1268.

📒 Files selected for processing (3)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/values.schema.json (2 hunks)
charts/base-cluster/values.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

charts/base-cluster/values.yaml
charts/base-cluster/values.schema.json

🧰 Additional context used

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: check licenses
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)
43-49: Fix variable-mutation side-effects by keeping $name immutable

Inside the loop $name is overwritten after the split which (a) makes the code harder to reason about and (b) risks subtle bugs later if $name is reused for anything other than the final receiver key.
Keep the original iterator variable immutable and work with distinct locals instead.
-{{- range $name, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
-  {{- $type := $name -}}
-  {{- $splitted := splitList $name " " -}}
-  {{- if ge (len $splitted) 2 -}}
-    {{- $type = index $splitted 0 -}}
-    {{- $name = index $splitted 1 -}}
-  {{- end -}}
+{{- range $rawName, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
+  {{- $parts := splitList $rawName " " -}}
+  {{- $type := index $parts 0 -}}
+  {{- $displayName := (ge (len $parts) 2 | ternary (index $parts 1) $type) -}}
Follow-up lines need to use $displayName instead of $name.
This removes hidden mutation and makes the intent explicit.

🧹 Nitpick comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)
83-85: if $receivers condition is always truthy – drop the pointless guard

$receivers is initialised with a "null" stub before the loop, therefore the
{{- if $receivers }} guard can never be false.
Removing the check simplifies the template and avoids future confusion.
-{{- $receiversList := list -}}
-...
-  receivers: {{- toYaml $receiversList | nindent 4 }}
-  route: {{- if $receivers }}
+{{- $receiversList := list -}}
+...
+  receivers: {{- toYaml $receiversList | nindent 4 }}
+  route:
(Indentation unchanged.)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0939bf7 and b817202.

📒 Files selected for processing (5)

charts/base-cluster/ci/artifacthub-values.yaml (1 hunks)
charts/base-cluster/ci/pagerduty-values.yaml (1 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/values.schema.json (2 hunks)
charts/base-cluster/values.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (4)

charts/base-cluster/ci/artifacthub-values.yaml
charts/base-cluster/ci/pagerduty-values.yaml
charts/base-cluster/values.yaml
charts/base-cluster/values.schema.json

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: check licenses
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

🔇 Additional comments (3)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (3)

51-61: Quote constant keeps single PagerDuty receiver – OK by schema

PagerDuty is deliberately stored under the fixed key "pagerduty" so additional entries would overwrite the previous one. Given the schema only allows one PagerDuty object, that’s correct and the implementation now matches the contract.
No action required.

87-89: Exact hasKey works given the schema

Because the values schema restricts PagerDuty to a single top-level key named
pagerduty, the exact-match hasKey check is appropriate and won’t miss any
legitimate configurations.
Good to keep things simple here.

1-2: YAMLlint false positive – template delimiters confuse the linter

The YAMLlint error reported in CI is a known limitation when raw Helm
templates are linted as plain YAML. No change is necessary.

coderabbitai

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b817202 and 9cf1b76.

📒 Files selected for processing (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: check licenses
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml

coderabbitai

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9cf1b76 and 2f4f727.

📒 Files selected for processing (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml (1 hunks)

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

[warning] 4-4: wrong indentation: expected 0 but found 4

(indentation)

[warning] 5-5: wrong indentation: expected 0 but found 2

(indentation)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

[warning] 4-4: wrong indentation: expected 0 but found 4

(indentation)

[warning] 5-5: wrong indentation: expected 0 but found 2

(indentation)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

GitHub Check: Update release-please config file for a possibly new chart
GitHub Check: check licenses
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

charts/base-cluster/templates/monitoring/kube-prometheus-stack/validation.yaml

coderabbitai

Actionable comments posted: 2

♻️ Duplicate comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)
55-61: Stop mutating $name inside the loop – readability & safety

$name is reused to store the display name after the split, which makes the loop harder to follow and was the root cause of past bugs. Keep the original key immutable:
-  {{- range $name, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
-    {{- $type := $name -}}
-    {{- $splitted := splitList " " $name -}}
-    {{- if eq (len $splitted) 2 -}}
-      {{- $type = index $splitted 0 -}}
-      {{- $name = index $splitted 1 -}}
-    {{- end -}}
+  {{- range $rawName, $config := .Values.monitoring.prometheus.alertmanager.receivers -}}
+    {{- $parts := splitList " " $rawName -}}
+    {{- $type := index $parts 0 -}}
+    {{- $displayName := (eq (len $parts) 2) | ternary (index $parts 1) $type -}}
Then use $displayName instead of $name in the set calls below.
This removes side-effects and makes future modifications less error-prone.

🧹 Nitpick comments (2)

charts/base-cluster/ci/alertmanager-values.yaml (1)
4-5: Quote keys that contain spaces for YAML clarity

While unquoted keys like email testmail: are technically valid, quoting avoids surprises with linters and editors:
-        email testmail:
+        "email testmail":
Also applies to: 14-15
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

95-109: Receiver existence check happens after user routes are appended

If a user route references a receiver that is added later in the loop (rare but possible when the values file’s key order differs), validation will incorrectly fail.
Compute $receivers completely before building $routes/calling the validator to avoid order-dependence.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e7f69c3 and 246dea2.

📒 Files selected for processing (3)

charts/base-cluster/ci/alertmanager-values.yaml (1 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/values.schema.json (2 hunks)

🧠 Learnings (3)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/ci/alertmanager-values.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 GitHub Actions: Lint Helm Charts

charts/base-cluster/ci/alertmanager-values.yaml

[warning] 1-1: coalesce.go warnings: cannot overwrite table with non table for monitoring.prometheus.alertmanager.routes.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[warning] 1-1: coalesce.go warnings: cannot overwrite table with non table for monitoring.prometheus.alertmanager.routes.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

[warning] 6-6: wrong indentation: expected 0 but found 2

(indentation)

[warning] 7-7: wrong indentation: expected 0 but found 4

(indentation)

[warning] 8-8: wrong indentation: expected 0 but found 6

(indentation)

[warning] 9-9: wrong indentation: expected 0 but found 4

(indentation)

[warning] 10-10: wrong indentation: expected 0 but found 2

(indentation)

[warning] 11-11: wrong indentation: expected 0 but found 2

(indentation)

[warning] 12-12: wrong indentation: expected 0 but found 4

(indentation)

[warning] 13-13: wrong indentation: expected 0 but found 2

(indentation)

🚧 Files skipped from review as they are similar to previous changes (1)

charts/base-cluster/values.schema.json

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/ci/alertmanager-values.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 GitHub Actions: Lint Helm Charts

charts/base-cluster/ci/alertmanager-values.yaml

[warning] 1-1: coalesce.go warnings: cannot overwrite table with non table for monitoring.prometheus.alertmanager.routes.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[warning] 1-1: coalesce.go warnings: cannot overwrite table with non table for monitoring.prometheus.alertmanager.routes.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

[warning] 6-6: wrong indentation: expected 0 but found 2

(indentation)

[warning] 7-7: wrong indentation: expected 0 but found 4

(indentation)

[warning] 8-8: wrong indentation: expected 0 but found 6

(indentation)

[warning] 9-9: wrong indentation: expected 0 but found 4

(indentation)

[warning] 10-10: wrong indentation: expected 0 but found 2

(indentation)

[warning] 11-11: wrong indentation: expected 0 but found 2

(indentation)

[warning] 12-12: wrong indentation: expected 0 but found 4

(indentation)

[warning] 13-13: wrong indentation: expected 0 but found 2

(indentation)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

GitHub Check: check licenses
GitHub Check: wait-for-checks

🔇 Additional comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

62-73: Schema allows only one PagerDuty receiver – short-circuit further iterations

When multiple pagerduty … keys are supplied, later iterations silently overwrite the earlier one.
Given the one-receiver restriction, consider adding an explicit guard:
{{- if and (eq $type "pagerduty") (hasKey $receivers "pagerduty") -}}
  {{- fail "Only one PagerDuty receiver is supported by the schema" -}}
{{- end -}}
Failing fast prevents confusing “last one wins” behaviour.

charts/base-cluster/ci/alertmanager-values.yaml

coderabbitai

Actionable comments posted: 0

🧹 Nitpick comments (2)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2)
43-50: “null” placeholder might collide with a real receiver name
If a user legitimately defines a receiver called null, the placeholder will be overwritten and the InfoInhibitor / Watchdog route will suddenly hit a non-existent receiver. Consider using something that is virtually impossible to clash with (e.g. __blackhole__) or make the placeholder configurable.
-  {{- $receivers := dict "null" (dict) -}}
+  {{- $receivers := dict "__blackhole__" (dict) -}}
...
-      "receiver" "null"
+      "receiver" "__blackhole__"
55-61: Stop mutating $name – keep type, display name, and original key separate
Re-assigning $name after the split is functional but makes the block harder to reason about and risks future bugs. Capture a dedicated $displayName instead:
-    {{- $type := $name -}}
-    {{- $splitted := splitList " " $name -}}
-    {{- if eq (len $splitted) 2 -}}
-      {{- $type = index $splitted 0 -}}
-      {{- $name = index $splitted 1 -}}
-    {{- end -}}
+    {{- $parts := splitList " " $name -}}
+    {{- $type := index $parts 0 -}}
+    {{- $displayName := (len $parts | eq 2 | ternary (index $parts 1) $type) -}}
…and then use $displayName when you store the receiver. Improves readability and removes hidden state.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between db4e3bb and 3d28f28.

📒 Files selected for processing (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

[warning] 6-6: wrong indentation: expected 0 but found 2

(indentation)

[warning] 7-7: wrong indentation: expected 0 but found 4

(indentation)

[warning] 8-8: wrong indentation: expected 0 but found 6

(indentation)

[warning] 9-9: wrong indentation: expected 0 but found 4

(indentation)

[warning] 10-10: wrong indentation: expected 0 but found 2

(indentation)

[warning] 11-11: wrong indentation: expected 0 but found 2

(indentation)

[warning] 12-12: wrong indentation: expected 0 but found 4

(indentation)

[warning] 13-13: wrong indentation: expected 0 but found 2

(indentation)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

[warning] 6-6: wrong indentation: expected 0 but found 2

(indentation)

[warning] 7-7: wrong indentation: expected 0 but found 4

(indentation)

[warning] 8-8: wrong indentation: expected 0 but found 6

(indentation)

[warning] 9-9: wrong indentation: expected 0 but found 4

(indentation)

[warning] 10-10: wrong indentation: expected 0 but found 2

(indentation)

[warning] 11-11: wrong indentation: expected 0 but found 2

(indentation)

[warning] 12-12: wrong indentation: expected 0 but found 4

(indentation)

[warning] 13-13: wrong indentation: expected 0 but found 2

(indentation)

🔇 Additional comments (2)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2)

5-14: Recursive “receiver-exists” validation is spot-on
Neat, fails fast, and prevents mis-configured routes from ever reaching Alertmanager.

63-73: PagerDuty receiver – single-key approach aligns with schema
Keeping the key fixed to "pagerduty" enforces the “only one PagerDuty receiver” rule baked into the values schema. Looks good.

coderabbitai

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3d28f28 and 3892128.

📒 Files selected for processing (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1 hunks)

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

🧰 Additional context used

🧠 Learnings (2)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

GitHub Check: check licenses
GitHub Check: lint helm chart (base-cluster)
GitHub Check: wait-for-checks

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml

marvinWolff · 2025-07-24T11:42:26Z

@coderabbitai full review

coderabbitai · 2025-07-24T11:42:32Z

✅ Actions performed

Full review triggered.

coderabbitai

Actionable comments posted: 1

♻️ Duplicate comments (2)

charts/base-cluster/values.schema.json (2)
735-774: Email receiver schema still missing "type": "object"
Same comment as earlier – without the explicit type the validation is weaker than the rest of the file.
 "^email($| \\S+$)": {
+  "type": "object",
   "description": "Sets up an email receiver …",
710-712: defaultReceiver lacks validation & documentation

The field is a plain string; typos silently pass schema validation but will break Alertmanager at runtime.
Add a description and at least enforce a non-empty string.
-        "defaultReceiver": {
-          "type": "string"
-        },
+        "defaultReceiver": {
+          "type": "string",
+          "description": "Name of the receiver used when no route matches. Must equal one of the keys in .receivers.",
+          "minLength": 1
+        },

🧹 Nitpick comments (3)

charts/base-cluster/ci/alertmanager-values.yaml (1)
10-21: Plaintext SMTP credentials are acceptable for CI, but mark them as dummy

Consider explicitly flagging them as placeholders to avoid confusion in code-search results.
-          password: "1234"
+          password: "<dummy>"
...
-          password: abcd
+          password: "<dummy>"
charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1)
24-31: protocol field omitted – add for stricter Cilium validation

Although Cilium treats missing protocol as “ANY”, explicitly setting TCP avoids lint warnings and makes intent clear.
-        - ports:
+        - ports:
             {{- range $port := $ports | uniq | sortAlpha }}
-            - port: {{ $port | quote }}
+            - port: {{ $port | quote }}
+              protocol: TCP
             {{- end }}
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (1)
55-61: Avoid mutating $name inside the loop

Changing the range key $name in-place makes the block harder to reason about and is easy to break once a third suffix component (e.g. "email prod ops") appears.
Keep the original key immutable and introduce a separate $displayName variable instead.
-{{- $type := $name -}}
-{{- $splitted := splitList " " $name -}}
-{{- if eq (len $splitted) 2 -}}
-  {{- $type = index $splitted 0 -}}
-  {{- $name = index $splitted 1 -}}
-{{- end -}}
+{{- $parts := splitList " " $name -}}
+{{- $type := index $parts 0 -}}
+{{- $displayName := (gt (len $parts) 1 | ternary (index $parts 1) $type) -}}
Then use $displayName where you currently use the potentially mutated $name.
This keeps the intent crystal-clear and prevents accidental key collisions.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eec214f and 2c322ca.

📒 Files selected for processing (7)

charts/base-cluster/ci/alertmanager-values.yaml (1 hunks)
charts/base-cluster/ci/artifacthub-values.yaml (1 hunks)
charts/base-cluster/ci/pagerduty-values.yaml (1 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1 hunks)
charts/base-cluster/values.schema.json (2 hunks)
charts/base-cluster/values.yaml (1 hunks)

🧰 Additional context used

🧠 Learnings (8)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/ci/artifacthub-values.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/ci/alertmanager-values.yaml (2)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:33-39
Timestamp: 2025-07-24T09:56:41.334Z
Learning: In the teutonet-helm-charts base-cluster chart, secret names like "external-dns" for Cloudflare provider are intentionally hard-coded. Users who need custom secret names should use Helm's valuesFrom feature to override values rather than expecting dedicated fields in values.yaml. This design keeps the values.yaml clean while still allowing full customization flexibility.

charts/base-cluster/ci/pagerduty-values.yaml (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

charts/base-cluster/values.yaml (3)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:33-39
Timestamp: 2025-07-24T09:56:41.334Z
Learning: In the teutonet-helm-charts base-cluster chart, secret names like "external-dns" for Cloudflare provider are intentionally hard-coded. Users who need custom secret names should use Helm's valuesFrom feature to override values rather than expecting dedicated fields in values.yaml. This design keeps the values.yaml clean while still allowing full customization flexibility.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:30-32
Timestamp: 2025-07-24T09:55:53.614Z
Learning: In charts/base-cluster/templates/dns/external-dns.yaml, the dns.provider field in values.yaml has always been expected to be a map format (e.g., { cloudflare: {} }), never a string format. The template correctly uses {{ .Values.dns.provider | keys | first }} to extract the provider name from the map keys.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (5)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml:16-23
Timestamp: 2025-07-24T11:32:00.003Z
Learning: The Helm/Sprig dig function syntax is dig key1 key2 ... keyN default dict, where keys come first, then the default value, and finally the dictionary to search. For example, dig $receiver.host (list) $fqdns correctly looks up $receiver.host in $fqdns with (list) as default.

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml:16-23
Timestamp: 2025-07-24T11:32:00.003Z
Learning: The Helm/Sprig dig function syntax is dig "key1" "key2" ... "defaultValue" $dict, where keys come first, then the default value, and finally the dictionary to search. The dictionary argument must come last. For example, dig $receiver.host (list) $fqdns correctly looks up $receiver.host in $fqdns with (list) as the default value.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:30-32
Timestamp: 2025-07-24T09:55:53.614Z
Learning: In charts/base-cluster/templates/dns/external-dns.yaml, the dns.provider field in values.yaml has always been expected to be a map format (e.g., { cloudflare: {} }), never a string format. The template correctly uses {{ .Values.dns.provider | keys | first }} to extract the provider name from the map keys.

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:33-39
Timestamp: 2025-07-24T09:56:41.334Z
Learning: In the teutonet-helm-charts base-cluster chart, secret names like "external-dns" for Cloudflare provider are intentionally hard-coded. Users who need custom secret names should use Helm's valuesFrom feature to override values rather than expecting dedicated fields in values.yaml. This design keeps the values.yaml clean while still allowing full customization flexibility.

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

Learnt from: cwrau
PR: #1601
File: charts/base-cluster/templates/dns/external-dns.yaml:30-32
Timestamp: 2025-07-24T09:55:53.614Z
Learning: In charts/base-cluster/templates/dns/external-dns.yaml, the dns.provider field in values.yaml has always been expected to be a map format (e.g., { cloudflare: {} }), never a string format. The template correctly uses {{ .Values.dns.provider | keys | first }} to extract the provider name from the map keys.

charts/base-cluster/values.schema.json (1)

Learnt from: cwrau
PR: #1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as pagerduty object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.

🪛 YAMLlint (1.37.1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml

[error] 1-1: syntax error: expected the node content, but found '-'

(syntax)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

[error] 2-2: syntax error: expected '', but found '{'

(syntax)

[warning] 6-6: wrong indentation: expected 0 but found 2

(indentation)

[warning] 7-7: wrong indentation: expected 0 but found 4

(indentation)

[warning] 8-8: wrong indentation: expected 0 but found 6

(indentation)

[warning] 9-9: wrong indentation: expected 0 but found 4

(indentation)

[warning] 10-10: wrong indentation: expected 0 but found 2

(indentation)

[warning] 11-11: wrong indentation: expected 0 but found 2

(indentation)

[warning] 12-12: wrong indentation: expected 0 but found 4

(indentation)

[warning] 13-13: wrong indentation: expected 0 but found 2

(indentation)

🔇 Additional comments (4)

charts/base-cluster/ci/artifacthub-values.yaml (1)

41-44: enabled flag removal + integration key patch LGTM

Dropping the obsolete enabled flag and switching to a 32-char placeholder key aligns with the new schema and keeps CI fixtures valid. No further action required.

charts/base-cluster/ci/pagerduty-values.yaml (1)

4-7: Consistent PagerDuty placeholder – looks good

The file mirrors the new schema exactly; length and format of the placeholder key satisfy the 32-character constraint.
charts/base-cluster/ci/alertmanager-values.yaml (1)

4-6: Possible default-receiver mismatch

defaultReceiver: testmail does not match any exact key in receivers (email / email testmail).
If the template expects an exact key, Alertmanager’s top-level route will reference a non-existent receiver and fail validation.
-      defaultReceiver: testmail
+      defaultReceiver: "email testmail"
Please verify how _alertmanager-config.yaml resolves the default receiver.
charts/base-cluster/values.yaml (1)

298-300: null sentinel might still surface in rendered config

The ternary falls back to the literal string "null".
If the Alertmanager template inserts this value unchanged, the generated route will again point to a non-existent receiver.

Confirm that the template substitutes "null" with an empty value or omits the receiver field entirely; otherwise consider:
-      defaultReceiver: '{{ hasKey .Values.monitoring.prometheus.alertmanager.receivers "pagerduty" | ternary "pagerduty" "" }}'
+      defaultReceiver: '{{ hasKey .Values.monitoring.prometheus.alertmanager.receivers "pagerduty" | ternary "pagerduty" "" }}'

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

charts/base-cluster/values.schema.json

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml

…onfiguration capabilities

coderabbitai

Actionable comments posted: 0

♻️ Duplicate comments (1)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1)
24-32: Broken indentation & malformed toPorts block – policy will be rejected by Cilium

toPorts must be a sibling of toFQDNs (same indent level) and has to contain a list of { port, protocol } maps.
The current indentation nests toPorts under toFQDNs, and ports: is emitted as a scalar instead of a list. This produces invalid YAML and Cilium will refuse the manifest.
-    - toFQDNs:
-        - matchName: {{ $host }}
-      toPorts:
-        - ports:
-      {{- range $port := $ports | uniq | sortAlpha }}
-            - port: {{ $port | quote }}
-      {{- end }}
+      - toFQDNs:
+          - matchName: {{ $host }}
+        toPorts:
+          - ports:
+{{- range $port := $ports | uniq | sortAlpha }}
+              - port: {{ $port | quote }}
+                protocol: TCP
+{{- end }}
After applying, run helm template + kubectl apply --dry-run=client to confirm the CRD validates.

🧹 Nitpick comments (2)

charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2)
55-61: Receiver name parsing is limited to exactly two tokens

splitList " " $name followed by if eq (len $splitted) 2 means keys like
"email team prod" (3 tokens) or accidental double-spaces silently fall back to type = name, causing the receiver to be ignored.
-    {{- if eq (len $splitted) 2 -}}
+    {{- if ge (len $splitted) 2 -}}
This keeps the first element as the type and joins the rest back together (or just takes index 1) to form the display name, making the template tolerant to extra qualifiers.

1-3: Alertmanager disabled when only Dead-Mans-Switch is configured

base-cluster.prometheus-stack.alertmanager.enabled returns false when the user receiver map is empty, even though the template later injects a healthchecks.io receiver.
Consider expanding the predicate to include the Dead-Mans-Switch toggle, otherwise operators must always define at least one dummy receiver.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8644dbb and 39ea3f4.

📒 Files selected for processing (7)

charts/base-cluster/ci/alertmanager-values.yaml (1 hunks)
charts/base-cluster/ci/artifacthub-values.yaml (1 hunks)
charts/base-cluster/ci/pagerduty-values.yaml (1 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml (2 hunks)
charts/base-cluster/templates/monitoring/kube-prometheus-stack/alertmanager-networkpolicy.yaml (1 hunks)
charts/base-cluster/values.schema.json (3 hunks)
charts/base-cluster/values.yaml (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (5)

charts/base-cluster/ci/pagerduty-values.yaml
charts/base-cluster/ci/alertmanager-values.yaml
charts/base-cluster/ci/artifacthub-values.yaml
charts/base-cluster/values.yaml
charts/base-cluster/values.schema.json

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1600
File: charts/base-cluster/templates/monitoring/kube-prometheus-stack/_alertmanager-config.yaml:50-61
Timestamp: 2025-07-21T14:04:07.110Z
Learning: In base-cluster alertmanager configuration, the schema only supports a single PagerDuty receiver (defined as `pagerduty` object), but supports multiple email receivers via pattern properties (e.g., "email", "email prod", "email staging"). Multiple PagerDuty receivers are not supported by design.