Skip to content

feat: add option to specify the clusterIP of OpenFGA service #264

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Khayet wants to merge 3 commits into
base: main
Choose a base branch
from
Open

feat: add option to specify the clusterIP of OpenFGA service #264

Khayet wants to merge 3 commits into from

Conversation

@Khayet
Copy link
Contributor

@Khayet Khayet commented Oct 10, 2025
edited by coderabbitai bot
Loading

Adds the option to specify the ClusterIP of the OpenFGA service. This allows running OpenFGA as a "headless service" (see https://kubernetes.io/docs/concepts/services-networking/service/#headless-services).

What problem is being solved?

We want to run OpenFGA as a headless service, so we can do client-side load balancing of our gRPC connection (which requires discovering the IPs of the individual replicas).

How is it being solved?

Adds service.clusterIP entry to values.yaml and sets the service specification accordingly.

What changes are made to solve it?

  • New clusterIP setting in values.yaml
  • If clusterIP is set, the service specification uses it

References

Review Checklist

  • I have clicked on "allow edits by maintainers".
  • I have added documentation for new/changed functionality in this PR or in a PR to openfga.dev [Provide a link to any relevant PRs in the references section above] -> no additional documentation necessary
  • The correct base branch is being used, if not main
  • [] I have added tests to validate that the change in functionality is working as expected -> I don't see where I would add an automated test but I have tested it locally.

Summary by CodeRabbit

  • New Features
    • Service now supports configurable clusterIP; when unspecified, defaults to a headless Service (clusterIP: None) to improve compatibility with stateful/discovery setups.
  • Chores
    • Minor YAML formatting cleanup for the HTTP port name with no functional impact.

@Khayet Khayet requested review from a team as code owners October 10, 2025 08:16
@linux-foundation-easycla
Copy link

linux-foundation-easycla bot commented Oct 10, 2025
edited
Loading

CLA Signed

The committers listed above are authorized under a signed CLA.

  • ✅ login: rhamzeh / name: Raghd Hamzeh (e816aba)

@coderabbitai
Copy link

coderabbitai bot commented Oct 10, 2025
edited
Loading

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Added optional Service clusterIP templating in Helm and set default service.clusterIP to None in values, making the Service headless. Minor port name formatting adjustment.

Changes

Cohort / File(s) Summary
Service templating
charts/openfga/templates/service.yaml		 Add conditional `spec.clusterIP: {{ .Values.service.clusterIP
Chart values
charts/openfga/values.yaml		 Introduce service.clusterIP: None default to enable headless Service.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related issues

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check ✅ Passed The title clearly and succinctly describes the primary change of adding a configurable clusterIP option for the OpenFGA service, directly reflecting the modifications to values.yaml and the service template. It avoids unnecessary detail while remaining specific about the feature being introduced. This phrasing enables teammates to understand the pull request’s main intent at a glance.
Docstring Coverage ✅ Passed No functions found in the changes. Docstring coverage check skipped.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@Khayet Khayet force-pushed the add-option-to-set-clusterip-none branch from 1776c38 to e5353b6 Compare October 10, 2025 08:20
@Khayet Khayet closed this Oct 10, 2025
@Khayet Khayet reopened this Oct 10, 2025
@Khayet Khayet force-pushed the add-option-to-set-clusterip-none branch from e5353b6 to 2b57cfc Compare October 10, 2025 08:23
coderabbitai[bot]
coderabbitai bot reviewed Oct 10, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e693a7a and 2b57cfc.

📒 Files selected for processing (2)
  • charts/openfga/templates/service.yaml (1 hunks)
  • charts/openfga/values.yaml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: lint-test

HannesHerrmannAA
HannesHerrmannAA reviewed Oct 10, 2025
View reviewed changes
@Khayet
Copy link
Contributor Author

Khayet commented Oct 10, 2025

@coderabbitai review

@coderabbitai
Copy link

coderabbitai bot commented Oct 10, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@HannesHerrmannAA
Copy link

HannesHerrmannAA commented Oct 13, 2025
edited
Loading

Anything blocking for merging this and release a new version of the helm chart?
Perhaps @rhamzeh ?

rhamzeh
rhamzeh approved these changes Dec 11, 2025
View reviewed changes
Copy link
Member

@rhamzeh rhamzeh left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Khayet - approving!

(sorry for the delays)

Copilot AI review requested due to automatic review settings December 11, 2025 02:50
Copilot AI reviewed Dec 11, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds support for configuring the clusterIP field of the OpenFGA Kubernetes service, enabling users to run OpenFGA as a headless service for client-side load balancing of gRPC connections. The implementation allows users to specify service.clusterIP in their values configuration, which is then applied to the service manifest.

Key Changes:

  • Added conditional rendering of clusterIP field in service.yaml template
  • Fixed trailing whitespace in the http port name definition

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

charts/openfga/templates/service.yaml
Comment on lines +13 to +15
{{- if .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The service template references .Values.service.clusterIP but this field has not been added to the values.yaml file. Users will not be able to configure this setting without adding it to the values.yaml file. Add a clusterIP field under the service section in values.yaml with appropriate documentation.

Copilot uses AI. Check for mistakes.
charts/openfga/templates/service.yaml
Comment on lines +13 to +15
{{- if .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}
{{- end }}
Copy link

Copilot AI Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The new clusterIP field should be documented in the values.schema.json file to provide schema validation and documentation for users. Add a schema definition for the clusterIP property under the service object in values.schema.json, including a description that explains it can be set to "None" for headless services or a specific IP address.

Copilot uses AI. Check for mistakes.
Copy link
Member

@rhamzeh rhamzeh Dec 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Khayet I agree with the bot here, it would be nice to add this to values.schema.json so that it is more visible to users - would you mind doing that?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rhamzeh rhamzeh rhamzeh approved these changes

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Copilot code review Copilot Copilot left review comments

+1 more reviewer

@HannesHerrmannAA HannesHerrmannAA HannesHerrmannAA left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add the option to run OpenFGA as a headless service

3 participants

@Khayet @HannesHerrmannAA @rhamzeh