Skip to content

docs: add generated documentation#2755

Open
myakove wants to merge 1 commit into
mainfrom
docs/docsfy-openshift-python-wrapper
Open

docs: add generated documentation#2755
myakove wants to merge 1 commit into
mainfrom
docs/docsfy-openshift-python-wrapper

Conversation

@myakove

@myakove myakove commented Jul 5, 2026

Copy link
Copy Markdown
Collaborator

Generated with docsfy using claude/claude-opus-4-6-1m

Changes:

  • Generated 21 documentation pages with docsfy (claude/claude-opus-4-6-1m)
  • Added docs link to README
  • Excluded docs/ from detect-secrets and gitleaks (generated docs contain placeholder tokens)

Summary by CodeRabbit

  • New Features

    • Added a refreshed documentation site with improved navigation, search, theme switching, code copy buttons, callouts, and code language labels.
    • Introduced a documentation search experience with keyboard shortcuts and result previews.
    • Added GitHub star display and a more polished landing page.
  • Documentation

    • Published new and expanded guides for getting started, connecting to clusters, managing resources, querying, bulk operations, pod logs, temporary edits, error handling, environment variables, and MCP integration.
    • Added a full CLI reference and common usage patterns across the docs.

@coderabbitai

coderabbitai Bot commented Jul 5, 2026

Copy link
Copy Markdown

Review Change Stack

Walkthrough

This PR adds a complete static documentation site under docs/ (Docsify-style HTML pages, source Markdown, JS assets, and a theme stylesheet), covering CLI usage, cluster connection, resource lifecycle, error handling, MCP integration, and more. It also adjusts secret-scanning config to exclude docs/ and adds a README documentation link.

Changes

Documentation Site Infrastructure

Layer / File(s) Summary
Repo config updates for docs scanning
.gitleaks.toml, .pre-commit-config.yaml, README.md
Gitleaks and detect-secrets configs are extended to exclude docs/, and README gets a "Full Documentation" link.
Client-side JS assets
docs/assets/callouts.js, codelabels.js, copy.js, github.js, scrollspy.js, search.js, theme.js
New scripts implement callout styling, code language labels, copy buttons, GitHub star display, scrollspy, a Cmd+K search modal, and theme toggling.
Docsify theme stylesheet
docs/assets/style.css
A complete light/dark theme CSS file styles layout, sidebar, code blocks, callouts, tables, TOC, search modal, and responsive/print behavior.
Landing page and LLM index
docs/index.html, docs/llms.txt
Adds the documentation landing page with navigation/card grid and an LLM-oriented text index.

Documentation Content Pages

Layer / File(s) Summary
Class-generator CLI and resource-class generation docs
docs/class-generator-cli.md, .html, docs/generating-resource-classes.md, .html
Documents the class-generator CLI options, programmatic API, exceptions, and step-by-step class generation workflows.
Connecting to clusters docs
docs/connecting-to-clusters.md, .html
Documents get_client() authentication flows, environment variables, and troubleshooting.
Creating/managing resources and temporary editing docs
docs/creating-and-managing-resources.md, .html, docs/editing-resources-temporarily.md, .html
Documents resource lifecycle operations (deploy/update/delete) and temporary edits via ResourceEditor.
Environment variables and error handling docs
docs/environment-variables.md, .html, docs/error-handling.md, .html
Documents runtime environment variables and the custom exception reference with handling patterns.
Managing resource lists and common patterns docs
docs/managing-resource-lists.md, .html, docs/common-patterns.md
Documents ResourceList/NamespacedResourceList and provides copy-paste recipes for common operations.
MCP server integration and pod execution/logs docs
docs/mcp-server-integration.md, .html, docs/pod-execution-and-logs.md, .html
Documents MCP server tool usage/configuration and Pod.execute()/Pod.log() usage.
Querying resources docs
docs/querying-resources.md, .html
Documents resource querying, existence checks, status/conditions, and watching/events.
Quickstart guide docs
docs/quickstart.md, .html
Documents installation, cluster connection, and basic resource lifecycle steps for new users.

Estimated code review effort: 2 (Simple) | ~15 minutes

Suggested labels: size/XL

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description lists changes, but it does not follow the required template sections and leaves issue, reviewer notes, and bug fields empty. Rewrite the PR description using the template headings and fill in Short description, More details, What this PR does/why, issue links, notes, and bug details or N/A.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main change: generated documentation was added.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch docs/docsfy-openshift-python-wrapper

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@rh-bot-1

rh-bot-1 commented Jul 5, 2026

Copy link
Copy Markdown

Report bugs in Issues

Welcome! 🎉

This pull request will be automatically processed with the following features:

🔄 Automatic Actions

  • Reviewer Assignment: Reviewers are automatically assigned based on the OWNERS file in the repository root
  • Size Labeling: PR size labels (XS, S, M, L, XL, XXL) are automatically applied based on changes
  • Issue Creation: Disabled for this repository
  • Branch Labeling: Branch-specific labels are applied to track the target branch
  • Auto-verification: Auto-verified users have their PRs automatically marked as verified
  • Labels: All label categories are enabled (default configuration)

📋 Available Commands

PR Status Management

  • /wip - Mark PR as work in progress (adds WIP: prefix to title)
  • /wip cancel - Remove work in progress status
  • /hold - Block PR merging (approvers only)
  • /hold cancel - Unblock PR merging
  • /verified - Mark PR as verified
  • /verified cancel - Remove verification status
  • /reprocess - Trigger complete PR workflow reprocessing (useful if webhook failed or configuration changed)
  • /regenerate-welcome - Regenerate this welcome message
  • /security-override - Set security check runs to pass (maintainers only)
  • /security-override cancel - Re-run security checks

Review & Approval

  • /lgtm - Approve changes (looks good to me)
  • /approve - Approve PR (approvers only)
  • /automerge - Enable automatic merging when all requirements are met (maintainers and approvers only)
  • /assign-reviewers - Assign reviewers based on OWNERS file
  • /assign-reviewer @username - Assign specific reviewer
  • /check-can-merge - Check if PR meets merge requirements

Testing & Validation

  • /retest tox - Run Python test suite with tox
  • /retest python-module-install - Test Python package installation
  • /retest conventional-title - Validate commit message format
  • /retest all - Run all available tests

Cherry-pick Operations

  • /cherry-pick <branch> - Schedule cherry-pick to target branch when PR is merged
    • Multiple branches: /cherry-pick branch1 branch2 branch3
  • /cherry-pick-retry <branch> - Retry a failed cherry-pick (merged PRs only)

Branch Management

  • /rebase - Rebase this PR branch onto its base branch

Label Management

  • /<label-name> - Add a label to the PR
  • /<label-name> cancel - Remove a label from the PR

✅ Merge Requirements

This PR will be automatically approved when the following conditions are met:

  1. Approval: /approve from at least one approver
  2. Status Checks: All required status checks must pass
  3. No Blockers: No wip, hold, has-conflicts labels and PR must be mergeable (no conflicts)
  4. Verified: PR must be marked as verified

📊 Review Process

Approvers and Reviewers

Approvers:

  • myakove
  • rnetser

Reviewers:

  • myakove
  • rnetser
Available Labels
  • hold
  • verified
  • wip
  • lgtm
  • approve
  • automerge
AI Features
  • Conventional Title: Mode: fix (claude/claude-opus-4-6-1m)
  • Cherry-Pick Conflict Resolution: Enabled (claude/claude-opus-4-6-1m)
Security Checks
  • Suspicious Path Detection: Monitors paths: .claude/, .vscode/, .cursor/, .devcontainer/, .pi/, .github/workflows/, .github/actions/
  • Committer Identity Check: Verifies last committer matches PR author
  • Mandatory: Security checks block merge (use /security-override to bypass — maintainers only)

💡 Tips

  • WIP Status: Use /wip when your PR is not ready for review
  • Verification: The verified label is removed on new commits unless the push is detected as a clean rebase
  • Cherry-picking: Cherry-pick labels are processed when the PR is merged
  • Permission Levels: Some commands require approver permissions
  • Auto-verified Users: Certain users have automatic verification and merge privileges

For more information, please refer to the project documentation or contact the maintainers.

@qodo-code-review

Copy link
Copy Markdown

PR Summary by Qodo

Publish generated Docsfy documentation site and exclude it from secret scanning

📝 Documentation ⚙️ Configuration changes 🕐 20-40 Minutes

Grey Divider

AI Description

• Add a generated Docsfy documentation site (HTML + Markdown) under docs/ for GitHub Pages.
• Link the new documentation site from the project README.
• Exclude docs/ from gitleaks and detect-secrets to avoid false positives in generated content.
Diagram

graph TD
R["README.md"] --> S["Docs site (docs/)"] --> H["HTML pages"] --> A["assets JS/CSS"]
H --> I["search-index.json"]
SC["Secret scanners"] --> C["Scan configs"] --> E["Exclude docs/"]
Loading
High-Level Assessment

The following are alternative approaches to this PR:

1. Commit only Markdown; build HTML in CI for GitHub Pages
  • ➕ Reduces repo churn and PR noise from regenerated HTML/CSS/JS
  • ➕ Keeps source-of-truth docs human-reviewable and diff-friendly
  • ➕ Allows consistent rebuilds (minification/versioning) without committing artifacts
  • ➖ Requires adding/maintaining a build pipeline (GitHub Actions + Pages deploy)
  • ➖ Slightly more complex local preview workflow for contributors
2. Configure Docsfy (or post-process) to remove generation traces
  • ➕ Avoids publishing LLM scratchpad text (e.g., “Let me explore…”) in docs and search index
  • ➕ Reduces likelihood of secret-scanner false positives and the need for broad exclusions
  • ➖ May require prompt/template changes or additional filtering scripts
  • ➖ Potentially requires regenerating all pages once configuration is corrected
3. Host docs outside the repo (artifact release or external site)
  • ➕ Keeps core repository lean (no large generated assets)
  • ➕ Decouples documentation publishing cadence from code PRs
  • ➖ Introduces hosting/permissions/operational overhead
  • ➖ Harder to review docs changes alongside code changes in a single PR

Recommendation: If the goal is a stable GitHub Pages site, the current approach is acceptable, but consider moving to “Markdown-in-repo + CI-built HTML” to reduce long-term churn. Also strongly consider adjusting generation/post-processing to strip LLM scratchpad text, since it leaks into both the rendered pages and search-index.json and is the root cause behind broad secret-scanner exclusions.

Files changed (57) +33843 / -1

Documentation (54) +33841 / -0
README.mdAdd GitHub Pages documentation link +2/-0

Add GitHub Pages documentation link

• Adds a prominent “Full Documentation” link pointing to the published GitHub Pages site.

README.md

callouts.jsAdd callout rendering behavior for docs site +26/-0

Add callout rendering behavior for docs site

• Introduces client-side logic to support styled callout blocks (note/warning/tip/danger) in generated documentation pages.

docs/assets/callouts.js

codelabels.jsAdd code block labeling for docs site +75/-0

Add code block labeling for docs site

• Adds client-side enhancements to label code blocks (e.g., language/filename badges) for better readability.

docs/assets/codelabels.js

copy.jsAdd copy-to-clipboard support for code blocks +41/-0

Add copy-to-clipboard support for code blocks

• Implements copy buttons for code blocks and related UI feedback in the generated documentation pages.

docs/assets/copy.js

github.jsAdd GitHub integration helpers for docs UI +38/-0

Add GitHub integration helpers for docs UI

• Adds client-side helpers to integrate documentation pages with GitHub navigation/links as part of the generated theme.

docs/assets/github.js

scrollspy.jsAdd scrollspy behavior for in-page navigation +49/-0

Add scrollspy behavior for in-page navigation

• Implements active-section tracking to keep the table of contents/navigation in sync with page scroll position.

docs/assets/scrollspy.js

search.jsAdd client-side search modal (⌘/Ctrl+K) +125/-0

Add client-side search modal (⌘/Ctrl+K)

• Implements a search modal UI that loads docs/search-index.json and provides keyboard navigation and quick-open results.

docs/assets/search.js

style.cssAdd generated Docsfy theme stylesheet +1545/-0

Add generated Docsfy theme stylesheet

• Adds the full CSS theme used by the generated documentation site, including layout, typography, code styling, and components.

docs/assets/style.css

theme.jsAdd light/dark theme toggle logic +22/-0

Add light/dark theme toggle logic

• Adds client-side theme persistence (localStorage) and theme switching for the generated documentation site.

docs/assets/theme.js

class-generator-cli.htmlAdd generated HTML page: class-generator CLI reference +1537/-0

Add generated HTML page: class-generator CLI reference

• Adds the rendered HTML documentation page for the class-generator CLI reference.

docs/class-generator-cli.html

class-generator-cli.mdAdd generated Markdown page: class-generator CLI reference +726/-0

Add generated Markdown page: class-generator CLI reference

• Adds the Markdown source content for the class-generator CLI reference page.

docs/class-generator-cli.md

common-patterns.htmlAdd generated HTML page: common patterns +1213/-0

Add generated HTML page: common patterns

• Adds the rendered HTML documentation page containing common resource recipes and patterns.

docs/common-patterns.html

common-patterns.mdAdd generated Markdown page: common patterns +941/-0

Add generated Markdown page: common patterns

• Adds the Markdown source content for the common patterns/recipes page.

docs/common-patterns.md

connecting-to-clusters.htmlAdd generated HTML page: connecting to clusters +760/-0

Add generated HTML page: connecting to clusters

• Adds the rendered HTML guide for client configuration and authentication options.

docs/connecting-to-clusters.html

connecting-to-clusters.mdAdd generated Markdown page: connecting to clusters +356/-0

Add generated Markdown page: connecting to clusters

• Adds the Markdown source content for the cluster connection guide.

docs/connecting-to-clusters.md

creating-and-managing-resources.htmlAdd generated HTML page: creating and managing resources +924/-0

Add generated HTML page: creating and managing resources

• Adds the rendered HTML guide covering resource lifecycle operations (create/update/delete/deploy patterns).

docs/creating-and-managing-resources.html

creating-and-managing-resources.mdAdd generated Markdown page: creating and managing resources +517/-0

Add generated Markdown page: creating and managing resources

• Adds the Markdown source content for the resource creation/management guide.

docs/creating-and-managing-resources.md

editing-resources-temporarily.htmlAdd generated HTML page: ResourceEditor guide +720/-0

Add generated HTML page: ResourceEditor guide

• Adds the rendered HTML guide describing temporary resource patching and automatic restoration workflows.

docs/editing-resources-temporarily.html

editing-resources-temporarily.mdAdd generated Markdown page: ResourceEditor guide +261/-0

Add generated Markdown page: ResourceEditor guide

• Adds the Markdown source content for the ResourceEditor guide.

docs/editing-resources-temporarily.md

environment-variables.htmlAdd generated HTML page: environment variables reference +1006/-0

Add generated HTML page: environment variables reference

• Adds the rendered HTML reference for environment variables and configuration knobs.

docs/environment-variables.html

environment-variables.mdAdd generated Markdown page: environment variables reference +403/-0

Add generated Markdown page: environment variables reference

• Adds the Markdown source content for the environment variables reference.

docs/environment-variables.md

error-handling.htmlAdd generated HTML page: error handling reference +1312/-0

Add generated HTML page: error handling reference

• Adds the rendered HTML reference for custom exceptions and recommended error-handling patterns.

docs/error-handling.html

error-handling.mdAdd generated Markdown page: error handling reference +695/-0

Add generated Markdown page: error handling reference

• Adds the Markdown source content for the error handling and exceptions reference.

docs/error-handling.md

generating-resource-classes.htmlAdd generated HTML page: generating resource classes +714/-0

Add generated HTML page: generating resource classes

• Adds the rendered HTML guide explaining how to generate new resource wrapper classes via class-generator.

docs/generating-resource-classes.html

generating-resource-classes.mdAdd generated Markdown page: generating resource classes +338/-0

Add generated Markdown page: generating resource classes

• Adds the Markdown source content for the resource class generation guide.

docs/generating-resource-classes.md

index.htmlAdd generated docs landing page +591/-0

Add generated docs landing page

• Adds the generated documentation landing page with navigation, sidebar, and links to topic pages.

docs/index.html

llms.txtAdd LLM-friendly documentation index +45/-0

Add LLM-friendly documentation index

• Adds a plain-text index of documentation pages intended for LLM ingestion and discovery.

docs/llms.txt

managing-resource-lists.htmlAdd generated HTML page: ResourceList guide +588/-0

Add generated HTML page: ResourceList guide

• Adds the rendered HTML guide for managing bulk resources via ResourceList/NamespacedResourceList.

docs/managing-resource-lists.html

managing-resource-lists.mdAdd generated Markdown page: ResourceList guide +225/-0

Add generated Markdown page: ResourceList guide

• Adds the Markdown source content for the bulk resource management guide.

docs/managing-resource-lists.md

mcp-server-integration.htmlAdd generated HTML page: MCP server integration +799/-0

Add generated HTML page: MCP server integration

• Adds the rendered HTML guide describing MCP server setup for AI assistants and IDE integrations.

docs/mcp-server-integration.html

mcp-server-integration.mdAdd generated Markdown page: MCP server integration +446/-0

Add generated Markdown page: MCP server integration

• Adds the Markdown source content for MCP server integration instructions.

docs/mcp-server-integration.md

pod-execution-and-logs.htmlAdd generated HTML page: pod exec and logs +791/-0

Add generated HTML page: pod exec and logs

• Adds the rendered HTML guide describing executing commands in pods and retrieving logs.

docs/pod-execution-and-logs.html

pod-execution-and-logs.mdAdd generated Markdown page: pod exec and logs +380/-0

Add generated Markdown page: pod exec and logs

• Adds the Markdown source content for the pod execution and logs guide.

docs/pod-execution-and-logs.md

querying-resources.htmlAdd generated HTML page: querying and watching resources +1063/-0

Add generated HTML page: querying and watching resources

• Adds the rendered HTML guide for listing/filtering resources and watching changes.

docs/querying-resources.html

querying-resources.mdAdd generated Markdown page: querying and watching resources +564/-0

Add generated Markdown page: querying and watching resources

• Adds the Markdown source content for the querying/watching guide.

docs/querying-resources.md

quickstart.htmlAdd generated HTML page: quickstart +679/-0

Add generated HTML page: quickstart

• Adds the rendered HTML quickstart page showing installation, connection, and first resource example.

docs/quickstart.html

quickstart.mdAdd generated Markdown page: quickstart +352/-0

Add generated Markdown page: quickstart

• Adds the Markdown source content for the quickstart guide.

docs/quickstart.md

resource-api.htmlAdd generated HTML page: Resource API reference +2544/-0

Add generated HTML page: Resource API reference

• Adds the rendered HTML API reference for Resource/NamespacedResource and related helpers.

docs/resource-api.html

resource-api.mdAdd generated Markdown page: Resource API reference +1325/-0

Add generated Markdown page: Resource API reference

• Adds the Markdown source content for the Resource/NamespacedResource API reference.

docs/resource-api.md

resource-class-hierarchy.htmlAdd generated HTML page: resource class hierarchy +702/-0

Add generated HTML page: resource class hierarchy

• Adds the rendered HTML internals page describing the library’s resource class hierarchy.

docs/resource-class-hierarchy.html

resource-class-hierarchy.mdAdd generated Markdown page: resource class hierarchy +283/-0

Add generated Markdown page: resource class hierarchy

• Adds the Markdown source content for the resource class hierarchy internals page.

docs/resource-class-hierarchy.md

schema-validation-internals.htmlAdd generated HTML page: schema validation internals +818/-0

Add generated HTML page: schema validation internals

• Adds the rendered HTML internals page explaining schema validation and code generation architecture.

docs/schema-validation-internals.html

schema-validation-internals.mdAdd generated Markdown page: schema validation internals +299/-0

Add generated Markdown page: schema validation internals

• Adds the Markdown source content for the schema validation/codegen internals page.

docs/schema-validation-internals.md

search-index.jsonAdd generated search index for docs site +1/-0

Add generated search index for docs site

• Adds a JSON search index consumed by the client-side search modal to provide full-text search across docs pages.

docs/search-index.json

testing-without-cluster.htmlAdd generated HTML page: testing without a cluster +915/-0

Add generated HTML page: testing without a cluster

• Adds the rendered HTML guide describing use of the fake client for unit testing without a live cluster.

docs/testing-without-cluster.html

testing-without-cluster.mdAdd generated Markdown page: testing without a cluster +584/-0

Add generated Markdown page: testing without a cluster

• Adds the Markdown source content for the fake-client testing guide.

docs/testing-without-cluster.md

validating-resources.htmlAdd generated HTML page: validating resources +667/-0

Add generated HTML page: validating resources

• Adds the rendered HTML guide describing OpenAPI-based validation workflows and troubleshooting.

docs/validating-resources.html

validating-resources.mdAdd generated Markdown page: validating resources +275/-0

Add generated Markdown page: validating resources

• Adds the Markdown source content for the validation guide.

docs/validating-resources.md

waiting-for-conditions.htmlAdd generated HTML page: waiting for conditions +885/-0

Add generated HTML page: waiting for conditions

• Adds the rendered HTML guide describing wait/polling utilities for resource status and conditions.

docs/waiting-for-conditions.html

waiting-for-conditions.mdAdd generated Markdown page: waiting for conditions +454/-0

Add generated Markdown page: waiting for conditions

• Adds the Markdown source content for the waiting/status guide.

docs/waiting-for-conditions.md

working-with-events.htmlAdd generated HTML page: working with events +935/-0

Add generated HTML page: working with events

• Adds the rendered HTML guide covering Kubernetes event retrieval, streaming, and cleanup patterns.

docs/working-with-events.html

working-with-events.mdAdd generated Markdown page: working with events +353/-0

Add generated Markdown page: working with events

• Adds the Markdown source content for the events guide.

docs/working-with-events.md

working-with-virtual-machines.htmlAdd generated HTML page: working with virtual machines +1231/-0

Add generated HTML page: working with virtual machines

• Adds the rendered HTML guide for managing KubeVirt/OpenShift Virtualization resources via the wrapper.

docs/working-with-virtual-machines.html

working-with-virtual-machines.mdAdd generated Markdown page: working with virtual machines +701/-0

Add generated Markdown page: working with virtual machines

• Adds the Markdown source content for the virtual machines guide.

docs/working-with-virtual-machines.md

Other (3) +2 / -1
.gitleaks.tomlAllowlist docs/ from gitleaks scanning +1/-1

Allowlist docs/ from gitleaks scanning

• Extends the existing allowlist paths to include docs/ so generated documentation content does not trigger gitleaks findings.

.gitleaks.toml

.pre-commit-config.yamlExclude docs/ from detect-secrets hook +1/-0

Exclude docs/ from detect-secrets hook

• Adds an exclude-files pattern for docs/ to the detect-secrets pre-commit hook to avoid false positives from generated pages.

.pre-commit-config.yaml

.nojekyllDisable Jekyll processing for docs/ +0/-0

Disable Jekyll processing for docs/

• Adds the .nojekyll marker file so GitHub Pages serves the generated site as-is without Jekyll transformations.

docs/.nojekyll

@qodo-code-review

Copy link
Copy Markdown

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0) 📜 Skill insights (0)

Grey Divider


Remediation recommended

1. Docs secret-scan bypass 🐞 Bug ⛨ Security
Description
The PR broadly reduces secret-scanning coverage by excluding the entire docs/ directory from
detect-secrets and adding docs/ to the gitleaks allowlist, creating a blind spot where real
credentials pasted into documentation would not be flagged. Additionally, the gitleaks allowlist
entry’s id/description still suggests it only skips class_generator/schema, making the expanded
ignore scope easy to miss and less intentional/visible during review.
Code

.pre-commit-config.yaml[45]

+            "--exclude-files=docs/.*",
Relevance

⭐⭐⭐ High

Repo keeps gitleaks/detect-secrets tooling current; likely rejects broad secret-scan exclusions
creating blind spots.

PR-#2462
PR-#2598
PR-#2702

ⓘ Recommendations generated based on similar findings in past PRs

Evidence
The cited hook/config changes show that the pre-commit configuration explicitly excludes docs/
from detect-secrets, and the gitleaks configuration adds docs/ to an allowlist, meaning findings
in that subtree will be skipped by both tools. The docs are generated and contain
token/password-like example strings, which helps explain why false positives may have prompted these
exclusions, but also demonstrates the kind of secret-shaped content that could conceal an actual
leaked credential if it were introduced there. Separately, the gitleaks allowlist entry metadata
(id/description) still references only class_generator/schema even though the updated paths now
include docs/, so the true ignore scope is not accurately communicated by the entry’s label.

.pre-commit-config.yaml[36-46]
.gitleaks.toml[4-8]
docs/connecting-to-clusters.md[92-113]
docs/resource-api.md[69-84]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`docs/` is broadly excluded/allowlisted from secret scanning, which creates a blind spot where real secrets can slip through undetected, and the gitleaks allowlist entry metadata (id/description) no longer matches what it actually ignores after adding `docs/`, reducing visibility/intent.

## Issue Context
The docs are generated and include placeholder token/password-like strings, which likely motivated the exclusions to avoid false positives. However, excluding/allowlisting the entire `docs/` tree is broader than necessary, and combining unrelated ignore scopes (schema + docs) under a label that only mentions schema makes future ignore expansions easier to miss during review.

## Fix Focus Areas
- `.pre-commit-config.yaml[36-46]`
- `.gitleaks.toml[4-8]`

## Suggested fix approach
1. Replace the blanket `docs/.*` exclusion with a narrower rule (e.g., exclude only generated `*.html` and/or `docs/search-index.json`, while still scanning `*.md`), or exclude only specific known false-positive files.
2. For gitleaks, prefer allowlisting only known placeholder patterns (where supported) rather than all of `docs/`, and ensure any path-based allowlisting is as narrow as practical.
3. Update the existing gitleaks allowlist `id` and `description` to accurately reflect what it ignores, or split it into two entries (one for `class_generator/schema/`, one for `docs/`) so the purpose and scope are explicit.
4. Add a short comment explaining why the exclusions exist and what content is expected/safe in generated docs to prevent future over-expansion.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


Grey Divider

Qodo Logo

Comment thread .pre-commit-config.yaml
"--exclude-files=class_generator/schema/*",
"--exclude-files=class_generator/__k8s-openapi-.*.json",
"--exclude-files=fake_kubernetes_client/__resources-mappings.json",
"--exclude-files=docs/.*",

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remediation recommended

1. Docs secret-scan bypass 🐞 Bug ⛨ Security

The PR broadly reduces secret-scanning coverage by excluding the entire docs/ directory from
detect-secrets and adding docs/ to the gitleaks allowlist, creating a blind spot where real
credentials pasted into documentation would not be flagged. Additionally, the gitleaks allowlist
entry’s id/description still suggests it only skips class_generator/schema, making the expanded
ignore scope easy to miss and less intentional/visible during review.
Agent Prompt
## Issue description
`docs/` is broadly excluded/allowlisted from secret scanning, which creates a blind spot where real secrets can slip through undetected, and the gitleaks allowlist entry metadata (id/description) no longer matches what it actually ignores after adding `docs/`, reducing visibility/intent.

## Issue Context
The docs are generated and include placeholder token/password-like strings, which likely motivated the exclusions to avoid false positives. However, excluding/allowlisting the entire `docs/` tree is broader than necessary, and combining unrelated ignore scopes (schema + docs) under a label that only mentions schema makes future ignore expansions easier to miss during review.

## Fix Focus Areas
- `.pre-commit-config.yaml[36-46]`
- `.gitleaks.toml[4-8]`

## Suggested fix approach
1. Replace the blanket `docs/.*` exclusion with a narrower rule (e.g., exclude only generated `*.html` and/or `docs/search-index.json`, while still scanning `*.md`), or exclude only specific known false-positive files.
2. For gitleaks, prefer allowlisting only known placeholder patterns (where supported) rather than all of `docs/`, and ensure any path-based allowlisting is as narrow as practical.
3. Update the existing gitleaks allowlist `id` and `description` to accurately reflect what it ignores, or split it into two entries (one for `class_generator/schema/`, one for `docs/`) so the purpose and scope are explicit.
4. Add a short comment explaining why the exclusions exist and what content is expected/safe in generated docs to prevent future over-expansion.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 13

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
docs/quickstart.md (1)

466-474: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Remove the extra cm.create() inside the context manager.

with ConfigMap(...) as cm: already manages creation/cleanup, so this second call is redundant and can double-submit the request. If the fake-client path is special, say so explicitly.

Proposed fix
 with ConfigMap(
     client=client,
     name="test-config",
     namespace="default",
     data={"key": "value"},
 ) as cm:
-    cm.create()
     print(f"Created (fake): {cm.name}")
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/quickstart.md` around lines 466 - 474, The quickstart example is calling
cm.create() redundantly inside the ConfigMap context manager, which can
double-submit the request. Update the ConfigMap usage so the with ConfigMap(...)
as cm: block relies on the context manager’s built-in create/cleanup behavior,
and remove the extra create() call unless the fake-client path truly needs
special handling. If it does, make that exception explicit in the example near
ConfigMap.
♻️ Duplicate comments (1)
docs/pod-execution-and-logs.html (1)

269-274: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Same leaked AI-generation scratch notes rendered into the HTML output.

This is the rendered downstream of the leaked commentary in docs/pod-execution-and-logs.md (lines 1-12). Fixing the Markdown source and regenerating this HTML will resolve both.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/pod-execution-and-logs.html` around lines 269 - 274, The HTML output
contains leaked AI scratch notes that should not be rendered; remove the
commentary from the source documentation and regenerate the page. Update the
`docs/pod-execution-and-logs.md` content that feeds this HTML, then rebuild so
the rendered output no longer includes the exploratory sentences in the affected
section.
🧹 Nitpick comments (5)
docs/mcp-server-integration.md (1)

94-94: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Fenced code blocks missing language identifier (MD040).

Several prompt-example code fences lack a language tag, flagged by markdownlint. Add text (or similar) to satisfy MD040 and keep consistent Docsify syntax highlighting.

Example fix
-```
+```text
 Prompt: "List all pods in the openshift-monitoring namespace with label app=prometheus"

Also applies to: 117-117, 138-138, 183-183, 260-260, 282-282, 306-306, 329-329, 350-350

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/mcp-server-integration.md` at line 94, Several fenced prompt-example
blocks in the MCP server integration docs are missing a language tag and are
failing MD040. Update the affected fenced code blocks in the markdown so they
use a language identifier such as text, keeping the existing prompt content
intact and ensuring consistency with Docsify syntax highlighting. Focus on the
prompt-example fences throughout the document rather than changing the
surrounding prose.

Source: Linters/SAST tools

README.md (1)

3-4: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

New docs link conflicts with existing “Docs:” references.

The README now has three separate pointers to documentation: the new GitHub Pages link (Line 3), the existing Docs: line pointing to readthedocs.io (Line 7), and the ## docs section also pointing to readthedocs.io (Line 90). This is confusing for readers as to which is canonical/up to date; consider consolidating or clarifying which is the source of truth.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@README.md` around lines 3 - 4, The README now has multiple documentation
pointers that conflict, so consolidate them into a single canonical source or
clearly label one as primary and the others as secondary. Update the top-level
docs link and the existing “Docs:” reference plus the “## docs” section so they
all point to the same authoritative destination, and use consistent wording in
README.md to remove ambiguity for readers.
.pre-commit-config.yaml (1)

45-45: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Same broad-exclusion concern as .gitleaks.toml.

--exclude-files=docs/.* disables detect-secrets for the entire docs/ tree rather than just the generated pages containing placeholder tokens, reducing the secret-scanning safety net for that directory going forward.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.pre-commit-config.yaml at line 45, The detect-secrets exclude in the
pre-commit config is too broad and disables scanning for the whole docs tree.
Narrow the pattern in the pre-commit hook configuration so it only skips the
specific generated pages or placeholder-token files, not every path under docs/;
keep the change localized in the hook entry that currently uses the docs/.*
exclusion.
docs/assets/style.css (1)

70-71: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Stylelint value-keyword-case flags mixed-case font names.

Static analysis flags BlinkMacSystemFont, Roboto, Arial, SFMono-Regular, Menlo, and Consolas for keyword casing. These are conventionally-cased system/font-family identifiers, so lowercasing them would hurt readability; the fix should exempt font-family from the value-keyword-case rule (e.g. ignoreProperties: ["font-family"] or a targeted disable comment) rather than changing the values themselves.

🎨 Suggested inline disable
+    /* stylelint-disable value-keyword-case */
     --font-sans: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji";
     --font-mono: "SF Mono", SFMono-Regular, ui-monospace, "DejaVu Sans Mono", Menlo, Consolas, monospace;
+    /* stylelint-enable value-keyword-case */
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/assets/style.css` around lines 70 - 71, The mixed-case font-family
values in the style sheet are being flagged by the value-keyword-case lint rule,
but the identifiers in the font stack should remain unchanged. Update the
Stylelint configuration to ignore font-family for value-keyword-case, or add a
targeted disable around the relevant --font-sans and --font-mono declarations,
rather than lowercasing the font names themselves.

Source: Linters/SAST tools

.gitleaks.toml (1)

7-7: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Broad directory exclusion disables gitleaks scanning entirely for docs/.

paths fully excludes matching files from scanning (independent of regexex), so any file anywhere under docs/ — including hand-authored .md files, JS assets, etc. — is now unscanned, not just the generated pages with placeholder tokens. A narrower pattern (e.g. targeting only the generated HTML/MD pages or a documented placeholder-token pattern) would preserve coverage for genuinely committed secrets in docs.

🔒️ Suggested narrower allowlist
-paths = ['''class_generator/schema/''', '''docs/''']
+paths = ['''class_generator/schema/''', '''docs/.*\.(html|md)$''']
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.gitleaks.toml at line 7, The gitleaks allowlist is too broad because the
docs/ entry in the paths list excludes every file under docs/ from scanning.
Narrow the exclusion in .gitleaks.toml so only the generated placeholder-token
docs are skipped, using a more specific path/pattern near the existing
class_generator/schema/ rule, and preserve scanning for authored docs assets
such as markdown and JS.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docs/class-generator-cli.md`:
- Around line 663-669: The schema-files summary in the CLI docs is inconsistent
with the table contents. Update the introductory sentence around the schema file
list so it matches the three entries shown, and make sure the description around
the schema management section stays aligned with the symbols named in the table
(`__resources-mappings.json.gz`, `_definitions.json`, and
`__cluster_version__.txt`).
- Around line 25-28: The shell completion tip currently mixes bash and zsh in
one snippet and hard-codes zsh_source, so update the docs to provide separate
completion examples for bash and zsh. In the class-generator-cli.md content,
replace the single command with two clearly labeled snippets using the
class-generator completion variable, one for bash_source and one for zsh_source,
so the instructions match the referenced shells.
- Around line 441-452: Update the Execution Order documentation to explicitly
state that --generate-missing short-circuits normal generation, so the CLI
returns before -k/--kind and --add-tests are processed; adjust the ordering note
in the class-generator CLI docs to make it clear these options are ignored in
the same invocation when --generate-missing is set.

In `@docs/common-patterns.md`:
- Around line 1-19: The published docs currently include internal generation
chatter from the documentation draft, so remove the “Let me…” transcript text
from the content used by the docs page. Update the doc source handling around
the page content in docs/common-patterns.md so only the actual documentation
remains, then regenerate the HTML artifacts to confirm the transcript no longer
renders.

In `@docs/connecting-to-clusters.md`:
- Around line 192-199: The in-cluster fallback description in get_client() is
too broad; it should only mention falling back after DynamicClient(...) raises
MaxRetryError, not after any kubeconfig/config-loading failure. Update the prose
around get_client() to narrow the claim, and keep the wording aligned with the
actual retry/fallback path used by the client initialization logic.
- Around line 267-307: Update the `get_client()` API reference so the return
type reflects both real and fake clients: the `get_client` signature/returns
section currently mentions only `DynamicClient`, but `fake=True` returns
`FakeDynamicClient` as well. Adjust the type description in the `get_client`
docs to include `FakeDynamicClient` alongside `DynamicClient`, and make sure the
parameter table entry for `fake` still points readers to that behavior.

In `@docs/creating-and-managing-resources.md`:
- Around line 447-455: The example snippet is missing the Namespace symbol used
in ResourceList(...), so add the appropriate Namespace import alongside the
existing ocp_resources imports in the documented example. Update the import
section near the ResourceList usage so Namespace is explicitly available before
constructing namespaces, keeping the example consistent with the other imported
resource types.

In `@docs/editing-resources-temporarily.md`:
- Around line 190-198: The no-op detection wording in ResourceEditor is too
broad and should be limited to the backup-enabled flow only. Update the
documentation around ResourceEditor’s no-op handling to clarify that unchanged
patches are skipped only when update(backup_resources=True) or the backup
context manager is used, while plain update() still applies the patch. Keep the
example message tied to the ResourceEdit skip behavior, and adjust the
surrounding text in the no-op detection section to match that scope.

In `@docs/error-handling.md`:
- Around line 477-489: The auth example disables TLS verification via the
Configuration setup, which is unsafe to copy into real usage. Update the snippet
around client_configuration_with_basic_auth and Configuration to avoid setting
verify_ssl to False, and instead show a trusted-CA/certificate-based
configuration or clearly mark the example as test-only. Keep the example focused
on secure auth flow and use the existing kubernetes.client.Configuration and
client_configuration_with_basic_auth symbols to locate the change.

In `@docs/managing-resource-lists.md`:
- Around line 182-190: The ResourceList example shows clean_up(wait=True) and
clean_up(wait=False) back-to-back, which makes it look like two sequential
teardowns on the same object. Update the snippet around ResourceList.deploy and
clean_up so the wait=True and wait=False calls are presented as mutually
exclusive alternatives, such as separate examples or an explicit either/or
structure, rather than consecutive commands.

In `@docs/pod-execution-and-logs.md`:
- Around line 1-12: Remove the AI scratch commentary from the published
documentation so the page starts with the actual pod execution and logs content.
Clean up the introductory block in the doc content before the real
title/sections begin, ensuring only finished documentation text remains and none
of the “Let me explore…/Now let me check…” notes are included.

In `@docs/querying-resources.md`:
- Around line 402-423: The field-selector examples use inconsistent syntax, so
update the snippets and nearby troubleshooting text to use one Kubernetes
field-selector form consistently. Review the `pod.events(...)` and
`Event.list(...)` examples in the querying-resources docs and replace the mixed
`==` usage with the standard syntax used by the wrapper’s `field_selector`
parameter, keeping the examples aligned throughout.

---

Outside diff comments:
In `@docs/quickstart.md`:
- Around line 466-474: The quickstart example is calling cm.create() redundantly
inside the ConfigMap context manager, which can double-submit the request.
Update the ConfigMap usage so the with ConfigMap(...) as cm: block relies on the
context manager’s built-in create/cleanup behavior, and remove the extra
create() call unless the fake-client path truly needs special handling. If it
does, make that exception explicit in the example near ConfigMap.

---

Duplicate comments:
In `@docs/pod-execution-and-logs.html`:
- Around line 269-274: The HTML output contains leaked AI scratch notes that
should not be rendered; remove the commentary from the source documentation and
regenerate the page. Update the `docs/pod-execution-and-logs.md` content that
feeds this HTML, then rebuild so the rendered output no longer includes the
exploratory sentences in the affected section.

---

Nitpick comments:
In @.gitleaks.toml:
- Line 7: The gitleaks allowlist is too broad because the docs/ entry in the
paths list excludes every file under docs/ from scanning. Narrow the exclusion
in .gitleaks.toml so only the generated placeholder-token docs are skipped,
using a more specific path/pattern near the existing class_generator/schema/
rule, and preserve scanning for authored docs assets such as markdown and JS.

In @.pre-commit-config.yaml:
- Line 45: The detect-secrets exclude in the pre-commit config is too broad and
disables scanning for the whole docs tree. Narrow the pattern in the pre-commit
hook configuration so it only skips the specific generated pages or
placeholder-token files, not every path under docs/; keep the change localized
in the hook entry that currently uses the docs/.* exclusion.

In `@docs/assets/style.css`:
- Around line 70-71: The mixed-case font-family values in the style sheet are
being flagged by the value-keyword-case lint rule, but the identifiers in the
font stack should remain unchanged. Update the Stylelint configuration to ignore
font-family for value-keyword-case, or add a targeted disable around the
relevant --font-sans and --font-mono declarations, rather than lowercasing the
font names themselves.

In `@docs/mcp-server-integration.md`:
- Line 94: Several fenced prompt-example blocks in the MCP server integration
docs are missing a language tag and are failing MD040. Update the affected
fenced code blocks in the markdown so they use a language identifier such as
text, keeping the existing prompt content intact and ensuring consistency with
Docsify syntax highlighting. Focus on the prompt-example fences throughout the
document rather than changing the surrounding prose.

In `@README.md`:
- Around line 3-4: The README now has multiple documentation pointers that
conflict, so consolidate them into a single canonical source or clearly label
one as primary and the others as secondary. Update the top-level docs link and
the existing “Docs:” reference plus the “## docs” section so they all point to
the same authoritative destination, and use consistent wording in README.md to
remove ambiguity for readers.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 297a7e88-3f1e-40f0-b0ea-201ece7de540

📥 Commits

Reviewing files that changed from the base of the PR and between 3d29c21 and b8ba0c1.

📒 Files selected for processing (58)
  • .gitleaks.toml
  • .pre-commit-config.yaml
  • README.md
  • docs/.nojekyll
  • docs/assets/callouts.js
  • docs/assets/codelabels.js
  • docs/assets/copy.js
  • docs/assets/github.js
  • docs/assets/scrollspy.js
  • docs/assets/search.js
  • docs/assets/style.css
  • docs/assets/theme.js
  • docs/class-generator-cli.html
  • docs/class-generator-cli.md
  • docs/common-patterns.html
  • docs/common-patterns.md
  • docs/connecting-to-clusters.html
  • docs/connecting-to-clusters.md
  • docs/creating-and-managing-resources.html
  • docs/creating-and-managing-resources.md
  • docs/editing-resources-temporarily.html
  • docs/editing-resources-temporarily.md
  • docs/environment-variables.html
  • docs/environment-variables.md
  • docs/error-handling.html
  • docs/error-handling.md
  • docs/generating-resource-classes.html
  • docs/generating-resource-classes.md
  • docs/index.html
  • docs/llms-full.txt
  • docs/llms.txt
  • docs/managing-resource-lists.html
  • docs/managing-resource-lists.md
  • docs/mcp-server-integration.html
  • docs/mcp-server-integration.md
  • docs/pod-execution-and-logs.html
  • docs/pod-execution-and-logs.md
  • docs/querying-resources.html
  • docs/querying-resources.md
  • docs/quickstart.html
  • docs/quickstart.md
  • docs/resource-api.html
  • docs/resource-api.md
  • docs/resource-class-hierarchy.html
  • docs/resource-class-hierarchy.md
  • docs/schema-validation-internals.html
  • docs/schema-validation-internals.md
  • docs/search-index.json
  • docs/testing-without-cluster.html
  • docs/testing-without-cluster.md
  • docs/validating-resources.html
  • docs/validating-resources.md
  • docs/waiting-for-conditions.html
  • docs/waiting-for-conditions.md
  • docs/working-with-events.html
  • docs/working-with-events.md
  • docs/working-with-virtual-machines.html
  • docs/working-with-virtual-machines.md

Comment on lines +25 to +28
> **Tip:** Enable shell completion by adding to `~/.bashrc` or `~/.zshrc`:
> ```bash
> if type class-generator > /dev/null; then eval "$(_CLASS_GENERATOR_COMPLETE=zsh_source class-generator)"; fi
> ```

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Show separate bash and zsh completion snippets.

The snippet says it applies to both ~/.bashrc and ~/.zshrc, but it hard-codes zsh_source, so the bash example is wrong.

Proposed fix
-> ```bash
-> if type class-generator > /dev/null; then eval "$(_CLASS_GENERATOR_COMPLETE=zsh_source class-generator)"; fi
-> ```
+> ```bash
+> # bash
+> if type class-generator >/dev/null; then eval "$(_CLASS_GENERATOR_COMPLETE=bash_source class-generator)"; fi
+>
+> # zsh
+> if type class-generator >/dev/null; then eval "$(_CLASS_GENERATOR_COMPLETE=zsh_source class-generator)"; fi
+> ```
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
> **Tip:** Enable shell completion by adding to `~/.bashrc` or `~/.zshrc`:
> ```bash
> if type class-generator > /dev/null; then eval "$(_CLASS_GENERATOR_COMPLETE=zsh_source class-generator)"; fi
> ```
> **Tip:** Enable shell completion by adding to `~/.bashrc` or `~/.zshrc`:
>
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/class-generator-cli.md` around lines 25 - 28, The shell completion tip
currently mixes bash and zsh in one snippet and hard-codes zsh_source, so update
the docs to provide separate completion examples for bash and zsh. In the
class-generator-cli.md content, replace the single command with two clearly
labeled snippets using the class-generator completion variable, one for
bash_source and one for zsh_source, so the instructions match the referenced
shells.

Comment on lines +441 to +452
## Execution Order

When multiple compatible options are specified together, the CLI processes them in this fixed order:

1. `--update-schema-for` (exits after completion)
2. `--update-schema` (exits unless `--generate-missing` is also set)
3. `--coverage-report` / `--discover-missing` / `--generate-missing` (coverage analysis and reporting)
4. `--generate-missing` (generates classes for missing resources)
5. `--regenerate-all` (batch regeneration, exits after completion)
6. `-k`/`--kind` (normal kind generation)
7. `--add-tests` (test generation and execution)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Map the likely files first.
git ls-files | rg '^(class_generator/cli\.py|class_generator/tests/test_cli\.py|docs/class-generator-cli\.md)$'

printf '\n--- cli outline ---\n'
ast-grep outline class_generator/cli.py --view expanded || true

printf '\n--- test outline ---\n'
ast-grep outline class_generator/tests/test_cli.py --view expanded || true

printf '\n--- doc lines around target ---\n'
wc -l docs/class-generator-cli.md
sed -n '430,465p' docs/class-generator-cli.md

Repository: RedHatQE/openshift-python-wrapper

Length of output: 3256


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the execution branch handling around generate_missing and later options.
rg -n "generate[_-]missing|add_tests|kind|update_schema|coverage_report|discover_missing|regenerate_all" class_generator/cli.py class_generator/tests/test_cli.py

printf '\n--- relevant cli slice ---\n'
python3 - <<'PY'
from pathlib import Path
p = Path('class_generator/cli.py')
lines = p.read_text().splitlines()
for start, end in [(1, 260), (260, 520)]:
    print(f"\n### {p} {start}-{end}")
    for i in range(start, min(end, len(lines)) + 1):
        print(f"{i:4d}: {lines[i-1]}")
PY

Repository: RedHatQE/openshift-python-wrapper

Length of output: 37309


Document that --generate-missing exits before --kind / --add-tests. In the Execution Order section, note that --generate-missing returns before normal generation, so -k and --add-tests are ignored in the same invocation.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/class-generator-cli.md` around lines 441 - 452, Update the Execution
Order documentation to explicitly state that --generate-missing short-circuits
normal generation, so the CLI returns before -k/--kind and --add-tests are
processed; adjust the ordering note in the class-generator CLI docs to make it
clear these options are ignored in the same invocation when --generate-missing
is set.

Comment on lines +663 to +669
The CLI manages two schema files under `class_generator/schema/`:

| File | Purpose |
|------|---------|
| `__resources-mappings.json.gz` | Compressed JSON mapping of lowercase Kind → list of schemas with GVK metadata and namespaced status |
| `_definitions.json` | JSON Schema definitions for `$ref` resolution during validation |
| `__cluster_version__.txt` | Last cluster version used for schema generation |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Fix the schema-files count.

This section says the CLI manages two schema files, but the table lists three (__resources-mappings.json.gz, _definitions.json, and __cluster_version__.txt). Please make the intro and table agree.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/class-generator-cli.md` around lines 663 - 669, The schema-files summary
in the CLI docs is inconsistent with the table contents. Update the introductory
sentence around the schema file list so it matches the three entries shown, and
make sure the description around the schema management section stays aligned
with the symbols named in the table (`__resources-mappings.json.gz`,
`_definitions.json`, and `__cluster_version__.txt`).

Comment thread docs/common-patterns.md
Comment on lines +1 to +19
Let me start by reading the knowledge graph and the pages manifest, then explore the codebase.

Now let me look at more resource files for networking, RBAC, and DataVolume:

Now let me look at the secret, network policy, network attachment definition, and the duplicate API groups handling:

Now let me look at the duplicate API groups handling:

Now let me look at some files with duplicate kinds to understand the pattern:

Now let me look at how to exec in pods and also look at the user_defined_network and apply_yaml approach:

Now let me look at how the `yaml_file` parameter works and look at the event-related code:

Now let me check some gateway files to see the pattern for duplicate API groups:

Now let me look at the `user_defined_network.py` for newer networking resources:

Now I have enough information. Let me write the documentation page:

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Remove the generation transcript from the published docs.

These Let me... notes are internal build chatter, not page content, and they will render verbatim. Strip them before publishing and regenerate the HTML artifacts.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/common-patterns.md` around lines 1 - 19, The published docs currently
include internal generation chatter from the documentation draft, so remove the
“Let me…” transcript text from the content used by the docs page. Update the doc
source handling around the page content in docs/common-patterns.md so only the
actual documentation remains, then regenerate the HTML artifacts to confirm the
transcript no longer renders.

Comment on lines +192 to +199
When your code runs inside a pod on the cluster (for example, in a CI/CD pipeline or operator), `get_client()` automatically falls back to in-cluster configuration if the kubeconfig-based connection fails:

```python
# Inside a pod — no config_file or host needed
client = get_client()
```

The library first attempts to connect using the kubeconfig. If that fails with a connection error, it loads credentials from the pod's service account token mounted at `/var/run/secrets/kubernetes.io/serviceaccount/`.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Narrow the in-cluster fallback claim.

get_client() only reaches in-cluster config after DynamicClient(...) raises MaxRetryError; earlier kubeconfig/config-loading failures won't follow this path.

Suggested wording
-`get_client()` automatically falls back to in-cluster configuration if the kubeconfig-based connection fails
+`get_client()` falls back to in-cluster configuration after client creation raises `MaxRetryError`
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
When your code runs inside a pod on the cluster (for example, in a CI/CD pipeline or operator), `get_client()` automatically falls back to in-cluster configuration if the kubeconfig-based connection fails:
```python
# Inside a pod — no config_file or host needed
client = get_client()
```
The library first attempts to connect using the kubeconfig. If that fails with a connection error, it loads credentials from the pod's service account token mounted at `/var/run/secrets/kubernetes.io/serviceaccount/`.
When your code runs inside a pod on the cluster (for example, in a CI/CD pipeline or operator), `get_client()` falls back to in-cluster configuration after client creation raises `MaxRetryError`:
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/connecting-to-clusters.md` around lines 192 - 199, The in-cluster
fallback description in get_client() is too broad; it should only mention
falling back after DynamicClient(...) raises MaxRetryError, not after any
kubeconfig/config-loading failure. Update the prose around get_client() to
narrow the claim, and keep the wording aligned with the actual retry/fallback
path used by the client initialization logic.

Comment on lines +243 to +245
```
{<Kind>: {<name>: <namespace>}}
```

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Tag this example fence with a language.

Markdownlint flags this bare fence (MD040). Since it contains a YAML dict example, mark it yaml.

Suggested fix
-```
+```yaml
 {<Kind>: {<name>: <namespace>}}
</details>

<!-- suggestion_start -->

<details>
<summary>📝 Committable suggestion</summary>

> ‼️ **IMPORTANT**
> Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

```suggestion

🧰 Tools
🪛 markdownlint-cli2 (0.22.1)

[warning] 243-243: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

Source: Linters/SAST tools

Comment thread docs/error-handling.md
Comment on lines +477 to +489
configuration = kubernetes.client.Configuration()
configuration.verify_ssl = False

try:
api_client = client_configuration_with_basic_auth(
username="admin",
password="password",
host="https://api.cluster.example.com:6443",
configuration=configuration,
)
except ClientWithBasicAuthError as e:
print(f"Authentication failed: {e}")
```

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Don't disable TLS verification in the auth example.

configuration.verify_ssl = False is easy to copy into real clusters and weakens the auth flow outside throwaway environments. Show a trusted-CA setup or label this snippet as test-only.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/error-handling.md` around lines 477 - 489, The auth example disables TLS
verification via the Configuration setup, which is unsafe to copy into real
usage. Update the snippet around client_configuration_with_basic_auth and
Configuration to avoid setting verify_ssl to False, and instead show a
trusted-CA/certificate-based configuration or clearly mark the example as
test-only. Keep the example focused on secure auth flow and use the existing
kubernetes.client.Configuration and client_configuration_with_basic_auth symbols
to locate the change.

Comment on lines +182 to +190
Pass `wait=True` to `deploy()` to wait for each resource to reach a ready state. By default, `clean_up()` already waits for deletion to complete.

```python
namespaces = ResourceList(resource_class=Namespace, num_resources=2, client=client, name="ns")
namespaces.deploy(wait=True)

# Later...
namespaces.clean_up(wait=True) # wait=True is the default
namespaces.clean_up(wait=False) # Skip waiting for deletion

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Show clean_up(wait=True) and clean_up(wait=False) as alternatives.

Written back-to-back, this reads like a second teardown pass on the same list. That is easy to copy incorrectly; make the two modes mutually exclusive in the example.

♻️ Suggested rewrite
 namespaces.clean_up(wait=True)   # wait=True is the default
-namespaces.clean_up(wait=False)  # Skip waiting for deletion
+# Or, if you want to skip waiting:
+# namespaces.clean_up(wait=False)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
Pass `wait=True` to `deploy()` to wait for each resource to reach a ready state. By default, `clean_up()` already waits for deletion to complete.
```python
namespaces = ResourceList(resource_class=Namespace, num_resources=2, client=client, name="ns")
namespaces.deploy(wait=True)
# Later...
namespaces.clean_up(wait=True) # wait=True is the default
namespaces.clean_up(wait=False) # Skip waiting for deletion
Pass `wait=True` to `deploy()` to wait for each resource to reach a ready state. By default, `clean_up()` already waits for deletion to complete.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/managing-resource-lists.md` around lines 182 - 190, The ResourceList
example shows clean_up(wait=True) and clean_up(wait=False) back-to-back, which
makes it look like two sequential teardowns on the same object. Update the
snippet around ResourceList.deploy and clean_up so the wait=True and wait=False
calls are presented as mutually exclusive alternatives, such as separate
examples or an explicit either/or structure, rather than consecutive commands.

Comment on lines +1 to +12
Let me explore the repository structure and understand the codebase first.

Now let me check the `read_namespaced_pod_log` kwargs available, and look at how the MCP server uses log parameters:

Now let me check the import paths and verify the `get_client` function:

Now let me check test files for pod execution tests:

Now let me also verify whether the Node class has a `name` property:

Now I have all the information I need to write the documentation. Let me compose it:

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Remove leaked AI-generation scratch notes from the published doc.

Lines 1-12 contain leftover generation-process commentary ("Let me explore the repository structure...", "Now let me check...") that isn't part of the actual documentation content. This reads as unpolished/broken to end users and should be stripped before the page's actual title/content begins at line 13.

Proposed fix
-Let me explore the repository structure and understand the codebase first.
-
-Now let me check the `read_namespaced_pod_log` kwargs available, and look at how the MCP server uses log parameters:
-
-Now let me check the import paths and verify the `get_client` function:
-
-Now let me check test files for pod execution tests:
-
-Now let me also verify whether the Node class has a `name` property:
-
-Now I have all the information I need to write the documentation. Let me compose it:
-
 # Executing Commands in Pods and Retrieving Logs
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
Let me explore the repository structure and understand the codebase first.
Now let me check the `read_namespaced_pod_log` kwargs available, and look at how the MCP server uses log parameters:
Now let me check the import paths and verify the `get_client` function:
Now let me check test files for pod execution tests:
Now let me also verify whether the Node class has a `name` property:
Now I have all the information I need to write the documentation. Let me compose it:
# Executing Commands in Pods and Retrieving Logs
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/pod-execution-and-logs.md` around lines 1 - 12, Remove the AI scratch
commentary from the published documentation so the page starts with the actual
pod execution and logs content. Clean up the introductory block in the doc
content before the real title/sections begin, ensuring only finished
documentation text remains and none of the “Let me explore…/Now let me check…”
notes are included.

Comment on lines +402 to +423
```python
# Example: filter for Warning events with a specific reason
for event in pod.events(
field_selector="type==Warning,reason==BackOff",
timeout=10,
):
print(event.object.message)
```

### List existing events (non-streaming)

Use `Event.list()` to get a snapshot of existing events without streaming:

```python
from ocp_resources.event import Event

# List Warning events from the last 5 minutes
events = Event.list(
client=client,
namespace="my-namespace",
field_selector="type==Warning",
)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Find all relevant field_selector mentions and implementation points.
rg -n --hidden --glob '!**/.git/**' \
  'field_selector|field selector|field-selector|==Warning|reason==|status\.phase==|status.phase=' \
  docs src . 2>/dev/null | sed -n '1,240p'

echo '--- FILE LIST ---'
git ls-files | rg '(^docs/|(^|/)event(\.|\b)|field_selector|selector|resource)' | sed -n '1,240p'

Repository: RedHatQE/openshift-python-wrapper

Length of output: 50392


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect likely implementation files for selector handling.
files=$(git ls-files | rg '(^src/|^ocp_resources/|^lib/).*(event|selector|resource)')
printf '%s\n' "$files" | sed -n '1,200p'

# Map the most likely candidate(s) before reading.
for f in $files; do
  case "$f" in
    *event*|*selector*|*resource*)
      echo "--- OUTLINE: $f ---"
      ast-grep outline "$f" --view expanded 2>/dev/null || true
      ;;
  esac
done

Repository: RedHatQE/openshift-python-wrapper

Length of output: 8281


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Read the relevant doc sections around the referenced lines.
for f in docs/querying-resources.md; do
  echo "--- $f (around cited lines) ---"
  sed -n '380,470p' "$f" | cat -n
  echo "--- $f (later mention) ---"
  sed -n '530,570p' "$f" | cat -n
done

Repository: RedHatQE/openshift-python-wrapper

Length of output: 4808


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the implementation that builds/passes field selectors.
sed -n '1180,1465p' ocp_resources/resource.py | cat -n
echo '---'
sed -n '1,240p' ocp_resources/event.py | cat -n

Repository: RedHatQE/openshift-python-wrapper

Length of output: 23540


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the documentation source around the cited lines for the exact selector strings.
sed -n '400,470p' docs/querying-resources.md | cat -n
echo '---'
sed -n '540,565p' docs/querying-resources.md | cat -n

Repository: RedHatQE/openshift-python-wrapper

Length of output: 3725


Normalize the field-selector syntax in these examples. The wrapper passes field_selector through unchanged, so the docs should use one Kubernetes field-selector form consistently instead of mixing == and = across the snippets and troubleshooting text.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/querying-resources.md` around lines 402 - 423, The field-selector
examples use inconsistent syntax, so update the snippets and nearby
troubleshooting text to use one Kubernetes field-selector form consistently.
Review the `pod.events(...)` and `Event.list(...)` examples in the
querying-resources docs and replace the mixed `==` usage with the standard
syntax used by the wrapper’s `field_selector` parameter, keeping the examples
aligned throughout.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants