feat(base-cluster/monitoring): add alert about deprecated APIs

[cwrau]

Summary by CodeRabbit

• New Features

  • Added a new Prometheus alert that monitors and triggers notifications when deprecated Kubernetes APIs are used in your cluster.

• Chores

  • Updated internal naming conventions and formatting for monitoring rule configurations.

[coderabbitai]

📝 Walkthrough

Walkthrough

The PR updates Prometheus alerting rule templates across the Helm chart, renaming the certificate expiration template from expirationRule to expirationAlert, applying whitespace formatting adjustments to existing rules, and introducing a new PrometheusRule for detecting deprecated Kubernetes API usage.

Changes

Cohort / File(s)	Summary
Template Rename charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml	Renamed template definition and references from expirationRule to expirationAlert for consistent naming conventions.
Whitespace & Formatting charts/base-cluster/templates/flux/rules/flux-status.yaml, charts/base-cluster/templates/nfs-server-provisioner/rules/storage-size.yaml	Applied trailing trim modifiers (-}}) to Helm template conditionals for consistent formatting without altering control flow.
New Deprecated APIs Alert charts/base-cluster/templates/global/rules/deprecated-apis.yaml	Introduces new PrometheusRule template that conditionally deploys alerting for deprecated Kubernetes API usage with critical severity, tracking by group/version/resource/subresource.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• fix(base-cluster/monitoring): adjust for short-lived certificates #1921: Modifies alert names and evaluation logic within the certificate-expiration.yaml file that this PR renames.
• feat(base-cluster/ingress)!: add option traefik for ingress controller and make it default #1420: Adjusts monitoring labels rendering in the same certificate-expiration.yaml file being refactored here.

Suggested reviewers

• tasches
• teutonet-bot
• marvinWolff

Poem

🐰 Alert templates hop with care,
New names and formatting so fair,
Deprecated APIs now in sight,
With critical warnings shining bright,
Prometheus watches through the night! 📊

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the primary change: adding a new Prometheus alert rule for deprecated Kubernetes APIs to the monitoring configuration.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat/base-cluster/add-alert-about-deprecated-apis

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the base-cluster monitoring capabilities by adding a critical alert for deprecated Kubernetes API usage. This new alert will proactively notify administrators when older APIs, scheduled for removal, are still in use, facilitating timely updates and preventing potential cluster disruptions. Additionally, the PR includes minor refactoring to improve the clarity of existing monitoring rule definitions and standardizes Helm template syntax for better maintainability.

Highlights

• Deprecated API Alert: A new Prometheus alert was introduced to detect and notify about the usage of deprecated Kubernetes APIs, helping to ensure cluster compatibility with future Kubernetes versions.
• Template Renaming: The base-cluster.cert-manager.expirationRule template was renamed to base-cluster.cert-manager.expirationAlert for improved clarity and consistency.
• Helm Syntax Standardization: Helm template syntax was standardized across multiple monitoring rule files by consistently using - for trimming whitespace.

Changelog

• charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml
  • Renamed the base-cluster.cert-manager.expirationRule template to base-cluster.cert-manager.expirationAlert.
  • Standardized Helm template whitespace trimming.
• charts/base-cluster/templates/flux/rules/flux-status.yaml
  • Standardized Helm template whitespace trimming.
• charts/base-cluster/templates/global/rules/certificate-expiration.yaml
  • Added a new PrometheusRule named deprecated-apis to alert on the use of deprecated Kubernetes APIs.
• charts/base-cluster/templates/nfs-server-provisioner/rules/storage-size.yaml
  • Standardized Helm template whitespace trimming.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

The pull request renames a Helm template for certificate expiration rules, adjusts whitespace control in several Helm templates, and introduces a new PrometheusRule to alert on deprecated Kubernetes API usage. A review comment suggests simplifying the PromQL expression within this new deprecated API alert for improved clarity and efficiency.

[Copilot]

Pull request overview

This PR adds a new PrometheusRule alert for deprecated Kubernetes API usage and makes minor whitespace/naming cleanups across several existing rule template files.

Changes:

• Adds a new DeprecatedAPIUsed PrometheusRule that fires when deprecated Kubernetes APIs are still being called, using the apiserver_requested_deprecated_apis metric.
• Renames the cert-manager template helper from expirationRule to expirationAlert for consistency.
• Normalizes whitespace trimming (-}}) in several template files (flux-status.yaml, storage-size.yaml).

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
charts/base-cluster/templates/global/rules/certificate-expiration.yaml	New file containing the deprecated APIs PrometheusRule alert (but incorrectly named).
charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml	Renames template helper from expirationRule to expirationAlert.
charts/base-cluster/templates/flux/rules/flux-status.yaml	Whitespace normalization (adds trimming dashes and indentation).
charts/base-cluster/templates/nfs-server-provisioner/rules/storage-size.yaml	Whitespace normalization (adds trimming dashes and indentation).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@charts/base-cluster/templates/global/rules/certificate-expiration.yaml`:
- Around line 1-28: The template file is misnamed—its content defines the
PrometheusRule template "base-cluster.monitoring.deprecatedAPIsAlert" (resource
name deprecated-apis and alert DeprecatedAPIUsed) but the filename is
certificate-expiration.yaml; rename the file to match its purpose (e.g.,
deprecated-apis.yaml) and update any chart references if present so the template
path and filename align with the template name to avoid confusion and
maintenance issues.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a7c73f5b-f15d-49b3-98dc-53cf69efa84b

📥 Commits

Reviewing files that changed from the base of the PR and between d874a56 and 6290dea.

📒 Files selected for processing (4)

• charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml
• charts/base-cluster/templates/flux/rules/flux-status.yaml
• charts/base-cluster/templates/global/rules/certificate-expiration.yaml
• charts/base-cluster/templates/nfs-server-provisioner/rules/storage-size.yaml

[coderabbitai]

🧹 Nitpick comments (1)

charts/base-cluster/templates/global/rules/deprecated-apis.yaml (1)

28-28: Minor inconsistency: end directive indentation.

The closing {{- end -}} is indented with 2 spaces, while other templates in this PR (e.g., storage-size.yaml line 30, flux-status.yaml line 49) have the end directive at different indentation levels. For consistency with storage-size.yaml which places {{- end }} at column 0, consider removing the leading spaces.

Suggested fix

           period: WorkingHours
-  {{- end -}}
+{{- end -}}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@charts/base-cluster/templates/global/rules/deprecated-apis.yaml` at line 28,
The closing Helm template delimiter '{{- end -}}' in the deprecated-apis.yaml
fragment is indented by two spaces; move it to column 0 (remove the leading
spaces) so the '{{- end -}}' delimiter matches the indentation style used in
storage-size.yaml and flux-status.yaml, ensuring consistent template formatting
across the chart.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@charts/base-cluster/templates/global/rules/deprecated-apis.yaml`:
- Line 28: The closing Helm template delimiter '{{- end -}}' in the
deprecated-apis.yaml fragment is indented by two spaces; move it to column 0
(remove the leading spaces) so the '{{- end -}}' delimiter matches the
indentation style used in storage-size.yaml and flux-status.yaml, ensuring
consistent template formatting across the chart.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d043e7da-c866-47ae-a5ce-f95e9f4a6841

📥 Commits

Reviewing files that changed from the base of the PR and between 6290dea and 8bdde68.

📒 Files selected for processing (4)

• charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml
• charts/base-cluster/templates/flux/rules/flux-status.yaml
• charts/base-cluster/templates/global/rules/deprecated-apis.yaml
• charts/base-cluster/templates/nfs-server-provisioner/rules/storage-size.yaml

🚧 Files skipped from review as they are similar to previous changes (1)

• charts/base-cluster/templates/cert-manager/rules/certificate-expiration.yaml