Use patches to expose services

[sircthulhu]

Improve commands in docs to use jsonpatch to add elements instead of replacing whole arrays

Summary by CodeRabbit

Release Notes

• Documentation
  • Simplified kubectl patch commands across installation and configuration guides with more precise, incremental operations
  • Removed outdated guidance about array replacement behavior
  • Updated commands now efficiently extend services and packages without full array rewrites

[netlify]

✅ Deploy Preview for cozystack ready!

Name	Link
🔨 Latest commit	c53ee93
🔍 Latest deploy log	https://app.netlify.com/projects/cozystack/deploys/6997eab7e27c5500087157bc
😎 Deploy Preview	https://deploy-preview-427--cozystack.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[gemini-code-assist]

Summary of Changes

Hello @sircthulhu, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refines the kubectl patch command examples within the documentation. The change ensures that when users modify configurations involving lists, such as exposing services or enabling packages, they can append new items without inadvertently overwriting existing entries. This improves the robustness and clarity of the documented procedures, making them less prone to user error and data loss.

Highlights

• Documentation Update: Updated kubectl patch commands in the documentation to use JSON patch (--type=json) instead of JSON merge patch (--type=merge).
• Improved Array Handling: The new JSON patch commands specifically use the 'add' operation to append elements to arrays (e.g., exposedServices, enabledPackages), preventing the accidental replacement of entire arrays that could occur with merge patches.
• Removed Warnings: Eliminated warning alerts and notes that cautioned users about merge patch replacing arrays wholesale, as the new approach resolves this issue.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• content/en/docs/v1/getting-started/install-cozystack.md
  • Updated kubectl patch command for exposedServices to use jsonpatch.
  • Removed warning about JSON merge patch replacing arrays wholesale.
• content/en/docs/v1/install/cozystack/_index.md
  • Updated kubectl patch command for exposedServices to use jsonpatch.
• content/en/docs/v1/storage/nfs.md
  • Updated kubectl patch command for enabledPackages to use jsonpatch.
  • Removed warning about JSON merge patch replacing arrays wholesale.
• content/en/docs/v1/virtualization/_index.md
  • Updated kubectl patch command for exposedServices to use jsonpatch.
  • Removed note about JSON merge patch replacing arrays wholesale.
• content/en/docs/v1/virtualization/gpu.md
  • Updated kubectl patch command for enabledPackages to use jsonpatch.
  • Removed alert about JSON merge patch replacing arrays wholesale.
• content/en/docs/v1/virtualization/proxmox-migration.md
  • Updated kubectl patch command for exposedServices to use jsonpatch.
  • Removed note about JSON merge patch replacing arrays wholesale.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

📝 Walkthrough

Walkthrough

Six documentation files are updated with consistent Kubernetes patch command conversions. kubectl patch operations are replaced from JSON Merge Patch format (--type=merge) to JSON Patch format (--type=json), using explicit "add" operations to append items to arrays rather than replace them wholesale. Advisory alerts about Merge Patch behavior are removed.

Changes

Cohort / File(s)	Summary
Installation Documentation content/en/docs/v1/getting-started/install-cozystack.md, content/en/docs/v1/install/cozystack/_index.md	Updated kubectl patch commands from merge patch to JSON Patch format for exposedServices array updates. Removed advisory alerts about Merge Patch behavior.
Storage Documentation content/en/docs/v1/storage/nfs.md	Replaced merge patch with JSON Patch operation to append "nfs-driver" to enabledPackages array. Removed warning about Merge Patch behavior.
Virtualization Documentation content/en/docs/v1/virtualization/_index.md, content/en/docs/v1/virtualization/gpu.md, content/en/docs/v1/virtualization/proxmox-migration.md	Converted merge patch commands to JSON Patch format for appending to exposedServices and enabledPackages arrays. Removed explanatory notes and alerts about previous array replacement behavior.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Arrays once merged with all their might,
Now JSON Patches make things right!
With "add" operations, precise and true,
We append what's needed—no replacement in view! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Use patches to expose services' accurately describes the main change: switching from merge patch to JSON Patch operations for exposing services across multiple documentation files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch use-jsonpatch-to-expose-services

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

The transition from merge patches to JSON patches is a significant improvement for the documentation. It ensures that users can enable multiple services or packages (like the dashboard, NFS driver, or GPU operator) without accidentally overwriting existing configuration in the arrays. This makes the guides much more robust for non-trivial setups. One minor point to consider is that JSON patches are stricter than merge patches regarding the existence of the target path; I've highlighted a couple of places where this might affect users with a minimal initial configuration.

[gemini-code-assist]

The switch to JSON patch is a great improvement for preserving existing array elements. However, unlike merge patches, JSON patches will fail if the target path does not exist. Since bundles.enabledPackages is not included in the minimal configuration example provided in the installation guides, this command will fail with a 'pointer to non-existent target' error for users who haven't manually added that section. You might want to add a note about this or ensure the base configuration in the 'Getting Started' guide includes these fields as empty arrays.

[gemini-code-assist]

Similar to the NFS guide, this JSON patch assumes that the /spec/components/platform/values/bundles/enabledPackages path already exists. If a user is following the default minimal installation, this path will be missing, and the kubectl patch command will fail. Consider mentioning that the bundles section should be present in the Platform Package configuration.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@content/en/docs/v1/install/cozystack/_index.md`:
- Around line 694-695: The documentation uses a kubectl JSON Patch that appends
"dashboard" to the exposedServices array but fails if the array doesn't exist
and will duplicate entries on repeated runs; update the doc around the kubectl
patch example to (1) note that the parent array
spec/components/platform/values/publishing/exposedServices must already exist
and instruct users to initialize it first (e.g., via kubectl edit or by adding
it to their Package YAML) and (2) warn that the patch is non‑idempotent (it will
append duplicates on repeated runs) and advise checking/specifically ensuring
"dashboard" is not already present before re-running the kubectl patch command.

In `@content/en/docs/v1/virtualization/gpu.md`:
- Around line 38-39: The JSON Patch add using the
"/spec/components/platform/values/bundles/enabledPackages/-" path will fail if
enabledPackages is missing; change the docs to show a safe two-step or merge
approach: either first ensure the array exists by adding an empty array at
"/spec/components/platform/values/bundles/enabledPackages" and then append the
element, or use a strategic/merge-style patch that sets
spec.components.platform.values.bundles.enabledPackages to include
"gpu-operator" in one operation; reference the kubectl patch invocation and the
JSON path "/spec/components/platform/values/bundles/enabledPackages" in the
instructions so users run the safe two-step or merge alternative instead of the
single add with "-" token.

---

Duplicate comments:
In `@content/en/docs/v1/getting-started/install-cozystack.md`:
- Around line 629-630: The JSON Patch command shown (kubectl ... --type=json
with op "add" and path
"/spec/components/platform/values/publishing/exposedServices/-") is correct for
the documented scenario but needs an inline caveat: add a short note next to
this command explaining the edge cases—if the exposedServices array is missing
the JSON Patch will fail and repeated runs may not be idempotent—so advise to
pre-seed the array or use a different patch strategy; also add a brief
confirmation that the later externalIPs patches intentionally use --type=merge
(full-array replacement) and should remain as-is.

In `@content/en/docs/v1/storage/nfs.md`:
- Around line 15-16: The patch command fails when bundles.enabledPackages is
absent because the JSON Patch add at path
"/spec/components/platform/values/bundles/enabledPackages/-" requires the array
to exist; update the doc around the kubectl patch for "packages.cozystack.io
cozystack.cozystack-platform" to present two variants: (1) a safe check/ensure
step to create or verify the "bundles.enabledPackages" array before using the
JSON Patch add, and (2) a fallback using kubectl patch --type=merge that
initializes the field and appends "nfs-driver" in one operation; mention the
same fix pattern as used in gpu.md and reference the exact path and command
("kubectl patch ... -p '[{\"op\": \"add\", \"path\":
\"/spec/components/platform/values/bundles/enabledPackages/-\", \"value\":
\"nfs-driver\"}]'") so readers can choose the correct variant.

In `@content/en/docs/v1/virtualization/_index.md`:
- Around line 70-71: The kubectl JSON patch shown (the command adding to path
"/spec/components/platform/values/publishing/exposedServices/-") will fail if
the exposedServices array is absent and will append duplicates if run twice;
update the _index.md text to call this out and provide an idempotent
alternative: either a two-step approach that first ensures the array exists (add
"/spec/components/platform/values/publishing/exposedServices" as an array if
missing) then appends, or use a single replace/merge-style patch that sets the
exposedServices array to ["cdi-uploadproxy"] (i.e. target
"/spec/components/platform/values/publishing/exposedServices" rather than the
"/-/ element add") so the operation is safe to re-run; mention both the
failure-on-absence and non-idempotency and include the kubectl command names and
path "/spec/components/platform/values/publishing/exposedServices" so readers
can update their commands accordingly.

In `@content/en/docs/v1/virtualization/proxmox-migration.md`:
- Around line 26-27: The JSON patch currently appends "cdi-uploadproxy" to
"/spec/components/platform/values/publishing/exposedServices/-" which fails when
the array is missing and is not idempotent; change the patch to either (a) a
two-op JSON patch that first "test" that the array path does not exist and then
"add" the full array value ["cdi-uploadproxy"] (so it creates the array when
absent), or (b) use a merge/strategic-merge style patch that sets
"exposedServices": ["cdi-uploadproxy"] under
spec.components.platform.values.publishing to ensure the array exists and avoid
duplicate entries; update the kubectl command that references the path
"/spec/components/platform/values/publishing/exposedServices" accordingly
(replace the single append op to "-" with one of these idempotent approaches).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

add with - fails if exposedServices array is absent; no deduplication guard

The JSON Patch add with - path correctly appends to an existing array without clobbering other entries — the main motivation of this PR. Two caveats worth documenting:

1. Array must pre-exist. The add operation fails with "add operation does not apply: doc is missing path: '.../-': missing value" when the parent array doesn't exist. The Kubernetes API server will not recursively create nested objects for a JSON patch input. The base config shown in this doc always seeds exposedServices, so the common path is fine, but a user who created a minimal Package without exposedServices will hit this failure silently. A brief note like "If exposedServices is not yet present in your Package, initialize it first via kubectl edit or add it to the YAML" would prevent confusion.

2. Non-idempotent. Running the command twice appends "dashboard" a second time, producing duplicates. A one-line note advising users to check for existing entries before re-running is worth adding.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@content/en/docs/v1/install/cozystack/_index.md` around lines 694 - 695, The
documentation uses a kubectl JSON Patch that appends "dashboard" to the
exposedServices array but fails if the array doesn't exist and will duplicate
entries on repeated runs; update the doc around the kubectl patch example to (1)
note that the parent array
spec/components/platform/values/publishing/exposedServices must already exist
and instruct users to initialize it first (e.g., via kubectl edit or by adding
it to their Package YAML) and (2) warn that the patch is non‑idempotent (it will
append duplicates on repeated runs) and advise checking/specifically ensuring
"dashboard" is not already present before re-running the kubectl patch command.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

add /- fails when enabledPackages doesn't exist — common first-run scenario

The enabledPackages field is absent from the base Platform Package YAML documented across these docs. For any user who has never previously set bundles.enabledPackages, the JSON Patch operation will fail:

The request is invalid: ... add operation does not apply:
doc is missing path: "/spec/components/platform/values/bundles/enabledPackages/-"

The Kubernetes API server will not recursively create nested objects for a JSON patch input. The - token requires the array to already exist at the parent path.

Consider replacing with a two-step approach or adding a note with a fallback for first-time users:

🛠️ Suggested fallback for when the array doesn't yet exist

-    kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=json \
-      -p '[{"op": "add", "path": "/spec/components/platform/values/bundles/enabledPackages/-", "value": "gpu-operator"}]'
+    # If enabledPackages already exists in your Package:
+    kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=json \
+      -p '[{"op": "add", "path": "/spec/components/platform/values/bundles/enabledPackages/-", "value": "gpu-operator"}]'
+
+    # If enabledPackages does not yet exist (first time adding a package):
+    kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=merge \
+      -p '{"spec":{"components":{"platform":{"values":{"bundles":{"enabledPackages":["gpu-operator"]}}}}}}'

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=json \
	-p '[{"op": "add", "path": "/spec/components/platform/values/bundles/enabledPackages/-", "value": "gpu-operator"}]'
	# If enabledPackages already exists in your Package:
	kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=json \
	-p '[{"op": "add", "path": "/spec/components/platform/values/bundles/enabledPackages/-", "value": "gpu-operator"}]'
	# If enabledPackages does not yet exist (first time adding a package):
	kubectl patch packages.cozystack.io cozystack.cozystack-platform --type=merge \
	-p '{"spec":{"components":{"platform":{"values":{"bundles":{"enabledPackages":["gpu-operator"]}}}}}}'

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@content/en/docs/v1/virtualization/gpu.md` around lines 38 - 39, The JSON
Patch add using the "/spec/components/platform/values/bundles/enabledPackages/-"
path will fail if enabledPackages is missing; change the docs to show a safe
two-step or merge approach: either first ensure the array exists by adding an
empty array at "/spec/components/platform/values/bundles/enabledPackages" and
then append the element, or use a strategic/merge-style patch that sets
spec.components.platform.values.bundles.enabledPackages to include
"gpu-operator" in one operation; reference the kubectl patch invocation and the
JSON path "/spec/components/platform/values/bundles/enabledPackages" in the
instructions so users run the safe two-step or merge alternative instead of the
single add with "-" token.