fix(ci): as to not drop the comments of the templated yaml

[cwrau]

Summary by CodeRabbit

• Refactor

  • YAML processing reworked to split documents and handle them in parallel for faster, more robust processing.

• New Features

  • Added automatic templating support for HelmRelease content, with templated releases processed separately.

• Bug Fixes

  • Fixed path resolution for locating existing values so the correct directory is inspected.

• Chores

  • Removed several post-templating validation steps from the linter workflow.

[gemini-code-assist]

Summary of Changes

Hello @cwrau, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the CI scripts responsible for processing and organizing YAML configuration files, particularly those generated from HelmReleases. The primary motivation is to ensure that comments and original formatting are preserved when these YAML documents are split and templated, addressing a potential issue where such information might have been inadvertently dropped. The changes introduce a more robust and modular approach to handling multi-document YAML files within the CI pipeline.

Highlights

• Refactored YAML Splitting Logic: The splitYamlIntoDir script has been completely rewritten to use csplit for initial document separation, followed by parallel processing. This significantly changes how multi-document YAML files are handled, moving away from an iterative yq and jq based parsing approach.
• Preservation of YAML Comments: The new approach aims to prevent the loss of comments and original formatting in templated YAML files. By splitting raw documents first and then extracting metadata, the script avoids re-serializing the entire document, which can strip comments.
• Introduction of Helper Functions: New functions renameFile and splitHelmReleaseIntoDir were added to modularize the YAML processing. renameFile handles file naming and validation, while splitHelmReleaseIntoDir manages the templating of HelmReleases and recursive splitting of their output.
• Minor Bug Fix: A small correction was made in extract-artifacthub-images.sh to use the named variable $existingDir instead of the positional parameter $2 for consistency and clarity.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/linter.yaml

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[coderabbitai]

📝 Walkthrough

Walkthrough

Refactors YAML-splitting to use csplit + parallel with new exported helpers, updates path resolution in extract-artifacthub-images.sh to use existingDir, and removes three post-templating validation steps from the linter workflow.

Changes

Cohort / File(s)	Summary
Path resolution .github/scripts/extract-artifacthub-images.sh	Compute existingValuesDir from existingDir (existingValuesDir="$existingDir/$(basename --suffix=.yaml "$valuesFile")") instead of using positional $2.
YAML processing & helpers .github/scripts/splitYamlIntoDir	Replace per-document loop with csplit + parallel; add and export renameFile(splitFile, dir) and splitHelmReleaseIntoDir(helmrelease, yaml); ensure BIN_DIR initialization; replace RUNNER_DEBUG guard with [[ -v RUNNER_DEBUG && "$RUNNER_DEBUG" == 1 ]].
Workflow step removals .github/workflows/linter.yaml	Removed three post-template steps: extract-artifacthub-images.sh, enforce-trusted-registries.sh, and check-licenses.sh (previously gated on steps.templateChart.outputs.skipped != 'true').

Sequence Diagram(s)

sequenceDiagram
    participant Workflow
    participant SplitScript as splitYamlIntoDir
    participant Csplit
    participant Parallel
    participant Rename as renameFile
    participant SplitHelm as splitHelmReleaseIntoDir
    participant Template as templateHelmRelease

    Workflow->>SplitScript: call with YAML input
    SplitScript->>Csplit: split input into per-doc files
    Csplit-->>SplitScript: list of split files
    SplitScript->>Parallel: process split files concurrently
    Parallel->>Rename: read metadata and move file to dir/namespace/kind/name.yaml
    Parallel->>SplitHelm: detect HelmRelease -> request templating
    SplitHelm->>Template: template HelmRelease via BIN_DIR/templateHelmRelease
    Template-->>SplitHelm: templated YAML
    SplitHelm-->>Parallel: return processed documents
    Parallel-->>SplitScript: all files processed
    SplitScript-->>Workflow: completion

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• chore: add nix flake, taskfile and improve various scripts #1899: Refactors in .github/scripts/splitYamlIntoDir with similar parallelization and helper extraction.

Suggested reviewers

• SyeKlu
• marvinWolff

Poem

🐰 I hopped through YAML, split with glee,
Moved names to folders — neat as can be.
Helm bits templated, parallel and spry,
CI sings softly as carrots fly. 🥕

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The PR title mentions preserving YAML comments, but the changes actually refactor CI scripts to use parallel processing and remove validation steps—the comment preservation is not the primary technical change.	Clarify whether the main objective is preserving YAML comments or refactoring the CI pipeline. The title should reflect the dominant change more accurately.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/ci/restore-image-skipping

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request refactors the YAML splitting logic to use csplit instead of yq. This is a great improvement as it preserves comments from the original files, which was the main goal. The new script is well-structured into functions and leverages parallel for better performance. I've found a couple of areas where the script's robustness can be improved to prevent potential failures. My comments focus on handling empty YAML documents gracefully and ensuring environment variables are correctly scoped for all execution paths, including recursive function calls.

[Copilot]

Pull request overview

Updates the CI/scripts used to template and split Helm-generated YAML so that comments in templated manifests are preserved, and adjusts related CI checks and helper scripts.

Changes:

• Remove several chart validation steps from the linter GitHub Actions workflow.
• Rewrite .github/scripts/splitYamlIntoDir to split YAML using csplit and process outputs in parallel (instead of re-serializing via yq).
• Fix extract-artifacthub-images.sh to correctly build the existingValuesDir path from the existingDir variable.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

File	Description
.github/workflows/linter.yaml	Removes artifacthub/registry/license checks from the lint workflow job.
.github/scripts/splitYamlIntoDir	Replaces YAML splitting logic with csplit + parallel and adds helper functions for renaming/splitting HelmRelease outputs.
.github/scripts/extract-artifacthub-images.sh	Corrects path construction for locating existing artifacthub-values directories.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In @.github/scripts/splitYamlIntoDir:
- Around line 42-49: The recursion builds a duplicated path because
helmreleaseDir already contains the parent dirname; in splitYamlIntoDir you
should pass the already-built helmreleaseDir as the target instead of prepending
dirname again. Update the recursive call to use helmreleaseDir (the variable
created by helmreleaseDir="$(dirname "$helmrelease")/$(basename -s .yaml
"$helmrelease")") so splitYamlIntoDir is invoked with "$helmreleaseDir" rather
than "$(dirname "$helmrelease")/$helmreleaseDir".
- Around line 13-26: Normalize yq nulls and validate required metadata: change
the yq invocations that set kind, namespace, and name to use the null-coalescing
form (e.g. yq -r '.kind // ""' and yq -r '.metadata.namespace // ""', and yq -r
'.metadata.name // ""') so literal "null" becomes an empty string; then update
the early-return check (the block using kind) to treat both empty and "null" as
empty by relying on the normalized value, and add a validation after reading
name to error/return if name is empty (prevent constructing paths with missing
names) referencing the variables kind, namespace, name and the splitFile
handling logic.

🧹 Nitpick comments (1)

.github/scripts/splitYamlIntoDir (1)

58-69: Make csplit robust for relative YAML paths.

Because you env -C "$yamlDir", passing a relative $yaml (e.g., foo/bar.yaml) will resolve to foo/foo/bar.yaml. Using basename keeps both absolute and relative callers safe.

♻️ Suggested tweak

-  env -C "$yamlDir" csplit --prefix="$splitPrefix" --suppress-matched "$yaml" '/^---$/' '{*}' >/dev/null
+  env -C "$yamlDir" csplit --prefix="$splitPrefix" --suppress-matched "$(basename "$yaml")" '/^---$/' '{*}' >/dev/null

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.github/scripts/splitYamlIntoDir:
- Around line 54-69: The csplit call in splitYamlIntoDir aborts the script under
set -e for single-document YAML because csplit returns 1 when no separator is
found; change the call to capture its exit code and only treat codes other than
0 or 1 as fatal. Concretely, run env -C "$yamlDir" csplit ... >/dev/null, save
its exit code (e.g., rc=$?), and if rc is not 0 and not 1 then propagate/exit
with that rc; otherwise continue normally so single-document YAML is accepted.
Ensure this logic is applied around the csplit invocation in splitYamlIntoDir.

🧹 Nitpick comments (1)

.github/scripts/splitYamlIntoDir (1)

70-74: Confirm GNU parallel availability or add a guard.
If parallel isn’t installed on all runners, this will fail under set -e. Consider a preflight check (or fallback).

🛠️ Minimal guard example

+  command -v parallel >/dev/null || { echo "GNU parallel is required" >&2; return 1; }
   find "$yamlDir" -type f -name "${splitPrefix}*" -print0 | parallel -0 renameFile {} "$dir"

   find "$dir" -type d -name HelmRelease -exec find {} -maxdepth 1 -type f -name '*.yaml' -print0 \; | parallel -0 splitHelmReleaseIntoDir {} "$yaml"

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.github/scripts/splitYamlIntoDir:
- Around line 27-34: The current check-then-move sequence using resourceName
(the variable and the mv step inside the block) is vulnerable to a TOCTOU race
when renameFile is called in parallel; change the logic to avoid the pre-check
and perform an atomic move with mv -n (or equivalent) to fail if the destination
exists, and detect that failure to return non-zero and log the "'$resourceName'
shouldn't already exist" message; ensure mkdir -p "$(dirname "$resourceName")"
still runs before the mv, and remove the separate -f existence test so
duplicates are deterministically rejected by the mv command.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @.github/scripts/splitYamlIntoDir:
- Around line 38-52: The function splitHelmReleaseIntoDir calls
"$BIN_DIR/templateHelmRelease" but BIN_DIR is only assigned in the parent script
without being exported, so subshells (e.g., spawned by parallel) won't see it;
fix by exporting BIN_DIR where it's defined (or export it immediately before
invoking parallel) so splitHelmReleaseIntoDir and any subshells can access
BIN_DIR; ensure you add export BIN_DIR when you set its value (or run export
BIN_DIR="$BIN_DIR" prior to the parallel invocation) so the templateHelmRelease
call inside splitHelmReleaseIntoDir works in subshells.

🧹 Nitpick comments (1)

.github/scripts/splitYamlIntoDir (1)

74-76: Consider adding --halt option to parallel for fail-fast behavior.

If any renameFile or splitHelmReleaseIntoDir call fails, parallel continues processing remaining items by default. With strict mode (set -e), the script should fail early on errors.

Suggested improvement

-  find "$yamlDir" -type f -name "${splitPrefix}*" -print0 | parallel -0 renameFile {} "$dir"
+  find "$yamlDir" -type f -name "${splitPrefix}*" -print0 | parallel -0 --halt now,fail=1 renameFile {} "$dir"

-  find "$dir" -type d -name HelmRelease -exec find {} -maxdepth 1 -type f -name '*.yaml' -print0 \; | parallel -0 splitHelmReleaseIntoDir {} "$yaml"
+  find "$dir" -type d -name HelmRelease -exec find {} -maxdepth 1 -type f -name '*.yaml' -print0 \; | parallel -0 --halt now,fail=1 splitHelmReleaseIntoDir {} "$yaml"