Adding CoreDNS rewrite

[ewassef]

This pull request introduces significant enhancements to the ReverseProxyClient class, primarily focusing on improving Kubernetes cluster management by adding functionality for patching CoreDNS configurations and handling TLS secrets. Additionally, it updates the corresponding test suite to ensure comprehensive coverage of the new functionality.

Core Functionality Enhancements:

• Added the PatchCoreDns method to dynamically update CoreDNS configurations for new clusters by adding rewrite entries and restarting CoreDNS pods. This ensures that DNS entries for clusters are properly configured.
• Introduced the CreateTlsSecret method to handle TLS secret creation for clusters, with improved error handling and early exits when conditions are not met. [1] [2]
• Updated the UpsertCluster method to integrate the new PatchCoreDns and CreateTlsSecret methods, streamlining cluster setup and configuration.

Refactoring and Code Quality:

• Refactored variable and mock names in ReverseProxyClientTests for clarity (_k8sMock renamed to _kubeClientMock).

Unit Test Additions:

• Added multiple unit tests in ReverseProxyClientTests to validate the behavior of PatchCoreDns, covering scenarios such as missing ingress services, missing CoreDNS config maps, and successful updates with pod restarts. These tests ensure robustness and reliability of the new functionality.

[Copilot]

Pull Request Overview

This PR adds CoreDNS patching and TLS secret creation to ReverseProxyClient, integrates them into the cluster upsert flow, and updates tests accordingly.

• Introduces PatchCoreDns to insert DNS rewrite rules and restart CoreDNS pods.
• Implements CreateTlsSecret to wait for and create TLS secrets, with early exit on errors.
• Updates UpsertCluster to call new methods and refactors test mocks/names.

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
cli/src/Vdk/Services/ReverseProxyClient.cs	Added PatchCoreDns, CreateTlsSecret, updated UpsertCluster signature and logic
cli/tests/Vdk.Tests/ReverseProxyClientTests.cs	Renamed Kubernetes mock, added comprehensive tests for PatchCoreDns

Comments suppressed due to low confidence (3)

cli/src/Vdk/Services/ReverseProxyClient.cs:198

• The comment mentions checking up to 10 times, but the loop uses a maximum of 6 retries. Update either the comment or the retry limit for consistency.

            // check up to 10 times , waiting 5 seconds each time

cli/src/Vdk/Services/ReverseProxyClient.cs:295

• Comment refers to namespace 'vega', but error message references 'vega-system'. Update the comment to 'vega-system' for clarity and consistency.

        // wait until the namespace vega exists before proceeding with the secrets creation

cli/src/Vdk/Services/ReverseProxyClient.cs:319

• [nitpick] The boolean return value of CreateTlsSecret is inverted (true on failure, false on success), which can be confusing. Consider inverting the return values or renaming the method to clarify its semantics.

            return true;

[Copilot]

The parameter 'targetPortHttp' is not used within UpsertCluster. Consider removing it or adding logic to use it for HTTP traffic.

Suggested change

	PatchNginxConfig(clusterName, targetPortHttps);
	if (CreateTlsSecret(clusterName)) return;
	PatchCoreDns(clusterName);
	if (reload)
	ReloadConfigs();
	}
	private void PatchNginxConfig(string clusterName, int targetPortHttps)
	{
	// create a new server block in the nginx conf pointing to the target port listening on the https://clusterName.dev-k8s.cloud domain
	PatchNginxConfig(clusterName, targetPortHttps, targetPortHttp);
	if (CreateTlsSecret(clusterName)) return;
	PatchCoreDns(clusterName);
	if (reload)
	ReloadConfigs();
	}
	private void PatchNginxConfig(string clusterName, int targetPortHttps, int targetPortHttp)
	{
	// create a new server block in the nginx conf pointing to the target port listening on the https://clusterName.dev-k8s.cloud domain
	using (var writer = File.AppendText("/etc/nginx/conf.d/default.conf"))
	{
	writer.WriteLine("server {");
	writer.WriteLine($" listen {targetPortHttp};");
	writer.WriteLine($" server_name {clusterName}.dev-k8s.cloud;");
	writer.WriteLine(" location / {");
	writer.WriteLine(" proxy_pass http://host.docker.internal:5000;");
	writer.WriteLine(" proxy_set_header Host $host;");
	writer.WriteLine(" proxy_set_header X-Real-IP $remote_addr;");
	writer.WriteLine(" proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;");
	writer.WriteLine(" proxy_set_header X-Forwarded-Proto $scheme;");
	writer.WriteLine(" }");
	writer.WriteLine("}");
	}

[Copilot]

Using Thread.Sleep will block the thread and can significantly slow down both production execution and unit tests. Consider injecting a delay provider or reducing/removing the sleep for better performance and testability.

Suggested change

	Thread.Sleep(5000);
	await Task.Delay(5000);