Conversation
Until a few versions ago the domain filter was only used for domains, now it's also used for zones if there is no zone filter given, which makes it misleading.
cwrau
requested review from
marvinWolff,
tasches and
teutonet-bot
as code owners
WalkthroughAdds conditional rendering of external-dns extraArgs based on dns.zones and updates the values schema to introduce dns.zones and describe dns.domains usage. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant U as Values (dns.domains, dns.zones)
participant H as Helm Template
participant R as Rendered HelmRelease
participant D as external-dns
U->>H: Provide values
alt dns.zones defined
H->>R: Include extraArgs: --zone-name-filter=<zone> (per zone)
else
H->>R: Omit extraArgs block
end
R->>D: external-dns starts with rendered args
D-->>D: Applies filters based on args/domainFilters
note over D: Runtime behavior follows rendered flags
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Pre-merge checks (3 passed)✅ Passed checks (3 passed)
Poem
Tip 👮 Agentic pre-merge checks are now available in preview!Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.
Please see the documentation for more information. Example: reviews:
pre_merge_checks:
custom_checks:
- name: "Undocumented Breaking Changes"
mode: "warning"
instructions: |
Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).Please share your feedback with us on this Discord post. ✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull Request Overview
This PR migrates the external-dns configuration from the older domainFilters syntax to the newer zones field for zone filtering, addressing the misleading nature of using domain filters for zone filtering when no explicit zone filter was provided.
- Adds a new
zonesfield to the JSON schema for explicit zone filtering - Updates external-dns template to use
--zone-name-filterarguments whenzonesis configured - Maintains backward compatibility by keeping the existing
domainsfield with updated documentation
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| charts/base-cluster/values.schema.json | Adds new zones field and clarifies domains field usage in schema |
| charts/base-cluster/templates/dns/external-dns.yaml | Implements zone filtering using --zone-name-filter extraArgs when zones are specified |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (3)
charts/base-cluster/values.schema.json (2)
1153-1159: Clarify semantics and add examples for dns.domains.Good addition. Suggest documenting intended examples so users understand expected format.
"domains": { - "description": "This field is also used for zone filtering if `zones` is not provided, be careful", + "description": "List of domain filters passed to external-dns. If `zones` is not provided, these are also used for zone filtering by external-dns itself.", "type": "array", "uniqueItems": true, "items": { "type": "string" - } + }, + "examples": ["example.com", "apps.example.com"] },
1160-1166: Add description and examples for dns.zones to avoid confusion with domains.Make explicit that these are zone names (not IDs) and how they interact with domains.
- "zones": { - "type": "array", - "uniqueItems": true, - "items": { - "type": "string" - } - } + "zones": { + "description": "Explicit zone name filters (e.g., DNS zone names like 'example.com'). When set, the chart passes --zone-name-filter for each entry and external-dns will not infer zones from `domains`.", + "type": "array", + "uniqueItems": true, + "items": { + "type": "string" + }, + "examples": ["example.com", "internal.example.com"] + }charts/base-cluster/templates/dns/external-dns.yaml (1)
43-48: Avoid clobbering/limiting extraArgs; allow merging zone filters with user-provided args.As written, we only render extraArgs when zones are set and cannot combine with any other args. Recommend supporting user-provided extraArgs (kept optional in schema) and appending zone filters.
- {{- with .Values.dns.zones }} - extraArgs: - {{- range $zone := . }} - - --zone-name-filter={{ $zone }} - {{- end }} - {{- end }} + {{- $hasZones := and .Values.dns .Values.dns.zones }} + {{- if or $hasZones .Values.externalDNS.extraArgs }} + extraArgs: + {{- with .Values.externalDNS.extraArgs }} + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.dns.zones }} + {{- range . }} + - --zone-name-filter={{ . }} + {{- end }} + {{- end }} + {{- end }}If you want, I can also update values.schema.json to allow:
"externalDNS": { "type": "object", "properties": { "resourcesPreset": { "$ref": "#/$defs/resourcesPreset" }, "resources": { "$ref": "#/$defs/resourceRequirements" }, + "extraArgs": { + "type": "array", + "items": { "type": "string" }, + "uniqueItems": true, + "description": "Additional CLI args for external-dns, e.g. ['--log-level=debug']" + } }, "additionalProperties": false }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
charts/base-cluster/templates/dns/external-dns.yaml(1 hunks)charts/base-cluster/values.schema.json(1 hunks)
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-07-24T09:55:53.655Z
Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1601
File: charts/base-cluster/templates/dns/external-dns.yaml:30-32
Timestamp: 2025-07-24T09:55:53.655Z
Learning: In charts/base-cluster/templates/dns/external-dns.yaml, the dns.provider field in values.yaml has always been expected to be a map format (e.g., `{ cloudflare: {} }`), never a string format. The template correctly uses `{{ .Values.dns.provider | keys | first }}` to extract the provider name from the map keys.
Applied to files:
charts/base-cluster/templates/dns/external-dns.yaml
📚 Learning: 2025-07-24T09:56:41.380Z
Learnt from: cwrau
PR: teutonet/teutonet-helm-charts#1601
File: charts/base-cluster/templates/dns/external-dns.yaml:33-39
Timestamp: 2025-07-24T09:56:41.380Z
Learning: In the teutonet-helm-charts base-cluster chart, secret names like "external-dns" for Cloudflare provider are intentionally hard-coded. Users who need custom secret names should use Helm's `valuesFrom` feature to override values rather than expecting dedicated fields in values.yaml. This design keeps the values.yaml clean while still allowing full customization flexibility.
Applied to files:
charts/base-cluster/templates/dns/external-dns.yaml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: Update release-please config file for a possibly new chart
- GitHub Check: check licenses
- GitHub Check: lint helm chart (base-cluster)
🔇 Additional comments (1)
charts/base-cluster/templates/dns/external-dns.yaml (1)
43-48: No changes needed:extraArgssupports both array and map forms; list entries like--zone-name-filter=<zone>are valid.
marvinWolff
approved these changes
Sep 10, 2025
Collaborator
|
@cwrau can't be merged because of the licensecheck fail but can not be rebased neither due to merge conflicts. |
cwrau
deleted the
chore/base-cluster/migrate-external-dns-domain-filter-syntax
branch
github-merge-queue Bot
pushed a commit
that referenced
this pull request
Oct 23, 2025
🤖 I have created a release *beep* *boop* --- ## [10.0.0](base-cluster-v9.4.0...base-cluster-v10.0.0) (2025-10-23) ### ⚠ BREAKING CHANGES * **base-cluster/backup:** add k8up provider ([#1751](#1751)) ### Features * **base-cluster/backup:** add k8up provider ([#1751](#1751)) ([0f36225](0f36225)) ### Bug Fixes * **base-cluster/kyverno:** change kubectl image ([#1734](#1734)) ([cb42f26](cb42f26)) * **base-cluster:** conditions must the `true`, not just truthy ([#1738](#1738)) ([7f46f4e](7f46f4e)) * **base-cluster:** migrate promtail leftovers to alloy ([#1720](#1720)) ([8b7d062](8b7d062)) ### Miscellaneous Chores * **base-cluster/external-dns:** migrate domainFilters syntax ([#1681](#1681)) ([51a42a2](51a42a2)) * **base-cluster/kdave:** remove kdave ([#1724](#1724)) ([723c049](723c049)) * **base-cluster/logs:** only delete volumes on deletion ([#1721](#1721)) ([36b657a](36b657a)) * **base-cluster/logs:** optimize volume chown; this speeds up startup ([36b657a](36b657a)) * **base-cluster/traces:** delete tempo volumes on deletion ([#1722](#1722)) ([0afce96](0afce96)) * **base-cluster:** use upstream kubectl image instead of rancher ([#1718](#1718)) ([d4daf94](d4daf94)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit ## Release Notes - Version 10.0.0 * **Breaking Changes** * base-cluster/backup provider modifications require attention during upgrade. * **New Features** * base-cluster/backup enhancements. * **Bug Fixes** * Kyverno configuration improvements. * kubectl image handling optimizations. * Boolean condition evaluation corrections. * Promtail migration cleanup. * Tempo volume deletion fixes. * **Chores** * Infrastructure syntax and dependency updates. <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: github-actions <41898282+github-actions[bot]@users.noreply.github.com>
This was referenced Nov 28, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Until a few versions ago the domain filter was only used for domains,
now it's also used for zones if there is no zone filter given, which
makes it misleading.
Summary by CodeRabbit
New Features
Documentation