Conversation
mythical-fred
left a comment
There was a problem hiding this comment.
LGTM. Symmetric with the existing restriction, and the test-model alignment commit (dropping the spurious /// model-only checks) is a nice bonus — model and source now agree on what is restricted, so the proptest harness () actually exercises the new branch via the strategy that varies .
One soft nit, non-blocking: the defaulting trick on the field is load-bearing (older pipelines may lack the key) but it is a little obscure for a future reader — a brief comment would help. The new / checks correctly use -equality so a missing key on both sides compares equal without that workaround. Fine as is.
🐟
|
My APPROVE review just above arrived with most of its code spans eaten by a shell-substitution bug on my end (unquoted heredoc + backticks — same trap I burned myself on in #6355, lesson clearly not learned). Posting the intended text here. LGTM. Symmetric with the existing One soft nit, non-blocking: the 🐟 |
snkas
left a comment
There was a problem hiding this comment.
Looks good, only thing that would be handy is adding a Python test as it is e2e behavior that can be tested.
mythical-fred
left a comment
There was a problem hiding this comment.
Re-APPROVE on 834e15e.
Three nice things landed since my last pass:
- The
runtime_config.hostscomparison indb/operations/pipeline.rsdropped theunwrap_or(&one)defaulting. That was an unrelated latent bug —NonevsSome(1)andSome(null)would all collapse together and silently allow a transition between them. Straight equality is correct. storage_classrestriction added symmetrically withnamespace, both source and test model.- The test-model
ModelHelpersimpl now matches source exactly — the spurious model-only checks onprogram_code/udf_rust/udf_toml/program_configare gone, and thestoragefield check (which doesn't exist in source) is replaced with the realhostscheck. Model and source now agree on what is restricted, which is the whole point of the model. test_runtime_config_edit_restricted[_enterprise]parameterizes the lifecycle acrossworkers/resources.storage_mb_max/resources.namespace/resources.storage_class(+hosts/fault_toleranceenterprise-only). Good coverage that addresses snkas's e2e ask from earlier today.
Two non-blocking nits on the python helper:
helper_test_restricted_runtime_config_editends withTEST_CLIENT.patch_pipeline(name=pipeline_name, runtime_config={})to reset between fields. That works because the test sequencing happens to leave storage cleared at that point, but it's an implicit ordering dependency between calls. A short comment ("storage is cleared by the preceding successful patch, so this empty patch is allowed") would make the chain less fragile to future edits.- The
enterprise_onlytest creates a fresh pipeline rather than reusing the one fromtest_runtime_config_edit_restricted. Fine, but if you ever wanted to assert thathosts/fault_toleranceare also gated by the storage-cleared check in non-enterprise mode (where they should silently no-op or 400), there's no coverage. Tracking-issue territory, not a blocker.
runtime_config.resources.storage_class
- Only allow editing `runtime_config.resources.storage_class` if the pipeline storage is cleared - Align source and test code to the same few restricted fields - Integration tests for the edit-restricted fields being edited (enterprise and non-enterprise) - Documentation for edit-restricted runtime configuration fields Co-authored-by: Lalith Suresh <lalith@feldera.com> Signed-off-by: Lalith Suresh <lalith@feldera.com> Signed-off-by: Simon Kassing <simon.kassing@feldera.com>
runtime_config.resources.storage_classif the pipeline storage is clearedPR information
runtime_config.resources.storage_classif the storage is not cleared.