feat: add Carbide provider implementation#128
Draft
fabiendupont wants to merge 8 commits into
Draft
Conversation
Override configs can now merge into base check lists instead of replacing
them entirely, by including a `{__merge__: true}` marker. Matching checks
are deep-merged by key, new checks are appended, and `"__remove__"` drops
a check. Without the marker, lists are replaced as before (backward compat).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Keys set to "__remove__" are deleted during deep_merge, enabling selective removal of inherited values in nested dicts (e.g., dropping a single label from expected_labels without replacing the entire dict). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Templates now define WHAT to validate (checks with context variable
defaults), while provider configs define HOW to provision (commands
and stubs). This enables composable validation:
isvctl test run -f templates/kaas.yaml -f aws/eks.yaml
Key changes:
- Remove commands block from all 7 templates
- Replace hardcoded values with {{ context.X | default('Y') }}
- Template stubs in stubs/ remain as copy-paste starting points
- Existing self-contained provider configs (aws/) keep working
- Update README with layered usage documentation
The merge engine combines tests from the template with commands
from the provider. Context variables flow through Jinja2 rendering
into validation parameters at runtime.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Adds eks-layered.yaml that supplies only commands (Terraform stubs)
and context overrides, designed to pair with templates/kaas.yaml:
isvctl test run \
-f isvctl/configs/templates/kaas.yaml \
-f isvctl/configs/aws/eks-layered.yaml
The existing self-contained eks.yaml is unchanged (backward compat).
Adds 6 integration tests verifying:
- Templates have no commands block
- Layered merge produces both commands and tests
- Context overrides flow through
- Standalone eks.yaml still works
- Layered and standalone have the same validation check names
- All 7 templates are validation-only
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Implements the control-plane template for the Carbide provider using
carbidecli. Maps template concepts to Carbide resources:
- API health → tenant get, site list
- Access keys → SSH key group + SSH key CRUD
- Tenants → VPC CRUD
Includes:
- carbide/control-plane.yaml: layered provider config
- stubs/carbide/common/carbide.py: shared helper (run_carbide, state mgmt)
- stubs/carbide/control-plane/: 10 stub scripts matching template steps
Usage:
isvctl test run \
-f isvctl/configs/templates/control-plane.yaml \
-f isvctl/configs/carbide/control-plane.yaml
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Implements 3 upstream templates for the Carbide provider: Network (carbide/network.yaml + 8 stubs): VPC CRUD, subnet configuration, VPC isolation, NSG security rules, connectivity and traffic validation via carbidecli. Image Registry (carbide/image-registry.yaml + 6 stubs): OperatingSystem CRUD, instance launch from OS image, install config lifecycle — validates Carbide's image management capabilities. Bare Metal (carbide/bm.yaml + 7 stubs): Instance launch/describe/list/reboot/teardown via carbidecli. Reinstall is skipped (not supported). NIM deploy/teardown reuse the shared template stubs. All providers use the layered approach: isvctl test run -f templates/<template>.yaml -f carbide/<provider>.yaml Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Fabien Dupont <fdupont@redhat.com>
IAM provider (carbide/iam.yaml + 3 stubs): Validates API token, checks scope coverage for all templates, proves write access via temp SSH key lifecycle. Full Carbide API surface (common/carbide.py): CARBIDE_API_RESOURCES maps all 24 resources from the OpenAPI spec (bare-metal-manager-rest) with their operations and scope names. CRUD library (common/resources.py): Pre-configured CarbideResource instances for all resources: site, vpc, vpc-prefix, subnet, nsg, ipblock, allocation, instance, instance-type, machine, expected-machine, operating-system, infiniband-partition, nvlink-logical-partition, nvlink-interface, dpu-extension-service, sshkeygroup, sshkey, tenant, rack, tray, sku, audit. Dynamic scope calculation: effective_scopes_for_template() reduces required scopes when pre-existing resources are set via CARBIDE_*_ID env vars. TEMPLATE_REQUIRED_SCOPES defines minimum scopes per template. Pre-existing resource support in create/teardown stubs: CARBIDE_VPC_ID, CARBIDE_VPC_PREFIX_ID, CARBIDE_SUBNET_ID, CARBIDE_SSH_KEY_GROUP_ID, CARBIDE_OS_ID, CARBIDE_INSTANCE_ID. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Fabien Dupont <fdupont@redhat.com>
Register Carbide provider configs in PLATFORM_CONFIGS so test coverage tracking knows which validations are used by the Carbide provider (control-plane, network, image-registry, bm, iam). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> Signed-off-by: Fabien Dupont <fdupont@redhat.com>
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Carbide provider using
carbidecli, covering 5 upstream templates:CarbideResourceclassTest plan
🤖 Generated with Claude Code