Skip to content

fix(rest): enforce size bounds on VD resize to match create (Bug 155)#175

Open
Andrei Kvapil (kvaps) wants to merge 2 commits into
mainfrom
blue/round4-vd-resize-bounds
Open

fix(rest): enforce size bounds on VD resize to match create (Bug 155)#175
Andrei Kvapil (kvaps) wants to merge 2 commits into
mainfrom
blue/round4-vd-resize-bounds

Conversation

@kvaps

@kvaps Andrei Kvapil (kvaps) commented Jul 3, 2026

Copy link
Copy Markdown
Member

What

The VD resize path (PUT .../volume-definitions/{vn}, i.e. linstor vd set-size) did not enforce the [4 MiB, 16 TiB] size bounds the create path enforces via validateVDSize (Bug 155). A below-floor force-shrink (e.g. 3 MiB) or an over-ceiling grow (e.g. 16 TiB + 1 GiB) was accepted with 200 OK and stored verbatim, leaving a VolumeDefinition spec the satellite can never materialise — it hot-loops on drbdadm create-md / device resize indefinitely. This is the exact Bug 155 failure mode reached through the resize verb instead of create, and it does not self-heal.

Why it mattered

linstor vd set-size and linstor vd c should be symmetric on physical size bounds. The create path already refuses out-of-range sizes (TestBug155VDCreateRefusesAbsurdSize); the resize path silently accepted them, so a realistic operator or CSI resize could wedge a resource.

Fix

Gate size_kib in rejectVDPatchSize, reusing the create path's validateVDSize + writeVDSizeRejection so the rejection envelope (400 + FAIL_INVLD_VLM_SIZE, with cause/correction) is byte-identical across the two verbs. The bounds check runs before the shrink-vs-force gate — consistent with the existing Bug 383 non-positive floor — because force waives the shrink-direction opt-in, never the physical floor/ceiling; checking bounds first gives the operator the accurate "invalid size" error instead of an "add --force" hint on a size that would be refused even with force. A prop-only PUT (no size_kib) is untouched.

Tests (fail-on-bug, proven both directions)

  • L1 handler (pkg/rest/vd_put_size_bounds_round4_test.go): a below-floor force-shrink and an over-ceiling grow are refused with 400 + FAIL_INVLD_VLM_SIZE and leave the stored size untouched; inclusive-boundary sizes (exactly 4 MiB / 16 TiB) still land 200.
  • Integration / envtest (tests/integration/vd_resize_bounds_test.go): the same two scenarios driven through the real apiserver + store round-trip, asserting both the wire rejection and that the durable spec is unchanged.

Both fail on the pre-fix tree (PUT returns 200 and mutates the stored spec) and pass with the gate.

Heads-up for reviewers

TestVolumeDefinitionsUpdateLargeSizeKibRoundTrip previously used 1 PiB — above the 16 TiB DRBD ceiling the create path already refuses — so it was inadvertently pinning the very create/resize asymmetry this PR closes. Its genuine purpose (a multi-TiB size_kib survives the wire without int32 truncation) is preserved by switching to the largest in-bounds size (16 TiB, still ~8× the int32 clamp point).

Scope

REST-layer input-validation fix, fully proven at the L1 + integration (envtest) tiers. The L6 cli-matrix / L7 replay runs on the live DRBD stand are deferred (stand unavailable); this change does not touch the satellite/DRBD data plane.

Summary by CodeRabbit

  • New Features

    • Added broader size-bound checks for volume definition resize operations.
    • Expanded end-to-end coverage for out-of-range and in-range resize behavior.
  • Bug Fixes

    • Requests outside the allowed size range are now rejected consistently, including when force is used.
    • Boundary values are accepted, and successful in-range resizes remain persisted.
    • Existing volume sizes stay unchanged after rejected resize attempts.

The VD resize path (PUT .../volume-definitions/{vn}, `linstor vd
set-size`) did not enforce the [4 MiB, 16 TiB] size bounds the create
path enforces via validateVDSize (Bug 155). A below-floor force-shrink
or an over-ceiling grow was accepted (200) and stored verbatim, leaving
a spec the satellite can never materialise — it hot-loops on `drbdadm
create-md` / device resize forever, the exact Bug 155 failure mode
reached through the resize verb. It does not self-heal.

Gate size_kib in rejectVDPatchSize, reusing the create path's
validateVDSize + writeVDSizeRejection so the rejection envelope is
byte-identical across the create and resize verbs. The check runs
before the shrink-vs-force gate (like the Bug 383 non-positive floor):
force waives the shrink-direction opt-in, never the physical
floor/ceiling.

Regression tests (fail on the pre-fix tree, pass with the gate): L1
handler tests assert a below-floor force-shrink and an over-ceiling
grow are refused with 400 + FAIL_INVLD_VLM_SIZE and leave the stored
size untouched, plus an inclusive-boundary accept; an envtest pair
drives the same two scenarios through the real apiserver round-trip.

The existing LargeSizeKibRoundTrip test used 1 PiB — above the 16 TiB
ceiling the create path already refuses (TestBug155VDCreateRefusesAbsurd
Size) — so it was pinning the very create/resize asymmetry this gate
closes. Its int64-no-truncation guard now uses the largest in-bounds
size (16 TiB), still ~8x the int32 clamp point.

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Co-Authored-By: Claude <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Adds a size-bounds validation gate to the VD resize PUT path (rejectVDPatchOutOfBounds), rejecting out-of-bounds size_kib values with a FAIL_INVLD_VLM_SIZE envelope before shrink/force logic runs. Adds accompanying unit, integration, e2e CLI, and operator-harness replay tests, and updates an existing test to use an in-bounds ceiling constant.

Changes

VD resize size bounds

Layer / File(s) Summary
Bounds gate implementation
pkg/rest/volume_definitions.go
Adds rejectVDPatchOutOfBounds, invoked from rejectVDPatchSize, to reject PUT patches whose size_kib fails validateVDSize with a 400 FAIL_INVLD_VLM_SIZE envelope, short-circuiting before shrink/force checks.
Unit regression tests
pkg/rest/vd_put_size_bounds_round4_test.go, pkg/rest/volume_definitions_test.go
Adds tests for below-floor, above-max, inclusive-bounds, and in-bounds forced shrink cases with a shared rejection-envelope assertion helper; updates an existing round-trip test to use the 16 TiB ceiling constant instead of a 1 PiB value.
Integration tests
tests/integration/vd_resize_bounds_test.go
Adds PUT and durable-size-read helpers plus tests verifying below-floor and above-max resize requests are rejected and stored SizeKib remains unchanged.
E2E and replay scenarios
tests/e2e/cli-matrix/vd-resize-bounds-rejected.sh, tests/operator-harness/replay/vd-resize-bounds-rejected.yaml
Adds an e2e CLI-matrix script and a replay YAML exercising over-ceiling and below-floor rejections alongside a successful in-bounds grow, asserting size immutability and no orphans.

Estimated code review effort: 3 (Moderate) | ~25 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Client
  participant RestHandler as rejectVDPatchSize
  participant BoundsGate as rejectVDPatchOutOfBounds
  Client->>RestHandler: PUT volume-definitions/{vn} (size_kib, force)
  RestHandler->>BoundsGate: check size_kib bounds
  BoundsGate->>BoundsGate: validateVDSize(size_kib)
  alt out of bounds
    BoundsGate-->>RestHandler: write 400 FAIL_INVLD_VLM_SIZE envelope
    RestHandler-->>Client: 400 Bad Request
  else in bounds
    BoundsGate-->>RestHandler: no-op
    RestHandler-->>Client: proceed with shrink/force logic
  end
Loading
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Clearly states the REST VD resize size-bounds enforcement change and matches the main validation fix.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch blue/round4-vd-resize-bounds

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request mirrors the volume definition size bounds validation (4 MiB to 16 TiB) from the CREATE path onto the RESIZE path (PUT). This prevents out-of-bounds sizes from being stored during a resize, which previously caused satellite hot-loops. Unit and integration tests have been added to verify this behavior. The feedback highlights that reusing the writeVDSizeRejection helper on the resize path may output a misleading correction message referencing the create command. Additionally, the integration tests should be tightened to assert an exact 400 Bad Request status code rather than just checking for non-2xx status codes to prevent false positives during server crashes.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

return false
}

writeVDSizeRejection(w, rd, vn, *patch.SizeKib, sizeErr)

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The writeVDSizeRejection helper has a hardcoded correction message (Correc) that instructs the operator to re-issue linstor vd c (the create command). Since this helper is now reused in the resize/PUT path (rejectVDPatchOutOfBounds), this correction message will be misleading to operators attempting a resize. Consider refactoring writeVDSizeRejection to accept the action/verb or make the correction message more generic (e.g., "retry the operation with a valid size").

Comment on lines +124 to +127
if status >= 200 && status < 300 {
t.Fatalf("resize ACCEPTED a sub-floor size %d KiB < %d KiB min (Bug-155 class via vd set-size)",
belowFloor, vdBoundsMinSizeKib)
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Asserting that the status code is simply not in the 2xx range is too loose. If the server crashes or returns a 500 Internal Server Error, the test would pass because the stored size remains unchanged. It is better to assert the exact expected status code (400 Bad Request) to verify the API contract strictly.

	if status != http.StatusBadRequest {
		t.Fatalf("status: got %d, want 400 (sub-floor size must be refused like create); body=%s", status, body)
	}

Comment on lines +150 to +153
if status >= 200 && status < 300 {
t.Fatalf("resize ACCEPTED an over-max size %d KiB > %d KiB max (Bug-155 class via vd set-size)",
aboveMax, vdBoundsMaxSizeKib)
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Asserting that the status code is simply not in the 2xx range is too loose. If the server crashes or returns a 500 Internal Server Error, the test would pass because the stored size remains unchanged. It is better to assert the exact expected status code (400 Bad Request) to verify the API contract strictly.

	if status != http.StatusBadRequest {
		t.Fatalf("status: got %d, want 400 (over-ceiling size must be refused like create); body=%s", status, body)
	}

Complete the CLI-bug-fix test tiers for the VD resize size-bounds gate
(vd set-size), per the blockstor CLI-bug-fix protocol.

- L6 cli-matrix cell tests/e2e/cli-matrix/vd-resize-bounds-rejected.sh:
  over-ceiling grow via CLI rejected, below-floor force-shrink via raw
  REST PUT rejected (400 + FAIL_INVLD_VLM_SIZE), in-bounds grow lands;
  size unchanged after each rejection.
- L7 replay tests/operator-harness/replay/vd-resize-bounds-rejected.yaml:
  the CLI-driveable operator sequence (over-ceiling reject, below-floor
  reject, in-bounds grow succeeds) with size-unchanged assertions.
- L1: add an in-bounds force-shrink (1 GiB -> 8 MiB) guard so the gate
  cannot regress the legitimate scenario-4.W13 force-shrink path.

The on-live-stand run of the L6 cell and L7 replay is DEFERRED — the
dev-kvaps DRBD oracle is unavailable this session; both files carry a
run-deferred note and a stand-pending task tracks running them. The fix
is already proven end-to-end at the L1 (handler) + integration (real
apiserver via envtest) tiers, which fully cover a REST-layer input
rejection; the L6/L7 tiers validate DRBD-state convergence, which is
N/A for a refused request, so they are the required paper trail rather
than the proof.

Signed-off-by: Andrei Kvapil <kvapss@gmail.com>
Co-Authored-By: Claude <noreply@anthropic.com>
@kvaps Andrei Kvapil (kvaps) marked this pull request as ready for review July 3, 2026 10:47

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (3)
pkg/rest/volume_definitions.go (1)

812-843: 📐 Maintainability & Code Quality | 🔵 Trivial

Two overlapping floor checks — consider consolidating.

rejectVDNonPositiveSize (size_kib ≤ 0) and the new rejectVDPatchOutOfBounds (via validateVDSize, size_kib < min) overlap: since minVolumeDefinitionSizeKib is presumably > 0, any non-positive value is already caught by the new bounds check too. Functionally harmless (non-positive rejects first with a more specific "must be > 0" message), but it's now two code paths enforcing effectively the same floor. Consider folding the non-positive case into validateVDSize/rejectVDPatchOutOfBounds with a tailored message, or leaving a short comment noting this is deliberate for message-wording purposes.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@pkg/rest/volume_definitions.go` around lines 812 - 843, The size validation
in rejectVDPatchSize now has two overlapping floor checks:
rejectVDNonPositiveSize and rejectVDPatchOutOfBounds both reject values below
the minimum, with rejectVDPatchOutOfBounds already covering non-positive sizes
through validateVDSize. Consolidate the logic by either folding the non-positive
case into rejectVDPatchOutOfBounds/validateVDSize with a specific error message,
or keep both paths but add a short comment explaining that
rejectVDNonPositiveSize is intentionally separate for the clearer “must be > 0”
response. Ensure rejectShrinkWithoutForce remains after the bounds checks.
tests/integration/vd_resize_bounds_test.go (2)

121-131: 🎯 Functional Correctness | 🔵 Trivial | ⚡ Quick win

Tests only check non-2xx status, not the specific rejection envelope.

The PR's stated fix returns 400 with FAIL_INVLD_VLM_SIZE plus cause/correction text (per PR objectives). These tests only assert status >= 200 && status < 300 is false and that stored size is unchanged, but never assert the response body actually carries the FAIL_INVLD_VLM_SIZE code — a regression that returns a different 4xx/5xx (e.g., a generic decode error) would still pass these tests.

Consider decoding body into the apiv1.APICallRc envelope and asserting the ret-code / message, tightening the regression coverage this test is meant to provide.

Also applies to: 147-157

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/vd_resize_bounds_test.go` around lines 121 - 131, The
resize bounds integration test only checks that sub-floor requests are non-2xx
and leave stored size unchanged, so it can miss the intended rejection contract.
Update the `vdBoundsPut` assertions in
`tests/integration/vd_resize_bounds_test.go` to decode `body` into the
`apiv1.APICallRc` envelope and verify the returned ret-code/message matches
`FAIL_INVLD_VLM_SIZE` (including the expected cause/correction text), using the
same check in the `vdBoundsMinSizeKib`/`vdBoundsStoredSize` test cases so
regressions returning a different error still fail.

85-104: 🩺 Stability & Availability | 🔵 Trivial | ⚡ Quick win

Use a bounded context for the CRD read.

vdBoundsStoredSize's Get call uses context.Background() with no timeout, unlike vdBoundsPut which bounds the HTTP call with groupGTimeout. If the envtest apiserver stalls, this call can hang the test indefinitely instead of failing fast.

🔧 Proposed fix
 func vdBoundsStoredSize(t *testing.T, stack *harness.Stack, rd string) int64 {
 	t.Helper()
 
+	ctx, cancel := context.WithTimeout(context.Background(), groupGTimeout)
+	defer cancel()
+
 	var rdObj blockstoriov1alpha1.ResourceDefinition
-	if err := stack.Env.Client.Get(context.Background(), types.NamespacedName{Name: rd}, &rdObj); err != nil {
+	if err := stack.Env.Client.Get(ctx, types.NamespacedName{Name: rd}, &rdObj); err != nil {
 		t.Fatalf("get RD %q: %v", rd, err)
 	}
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/vd_resize_bounds_test.go` around lines 85 - 104,
vdBoundsStoredSize currently reads the RD CRD with an unbounded context, which
can hang the test if the apiserver stalls. Update the Get call in
vdBoundsStoredSize to use the same bounded timeout pattern as vdBoundsPut,
reusing groupGTimeout or an equivalent context with deadline so the read fails
fast instead of waiting indefinitely.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/e2e/cli-matrix/vd-resize-bounds-rejected.sh`:
- Around line 103-144: The `force=true` check in `vd-resize-bounds-rejected.sh`
is asserting the wrong behavior for the REST shrink path. Update the test around
the raw PUT to `volume-definitions/0` so it either removes `force=true` when
verifying rejection, or keeps `force=true` and asserts a successful resize plus
the expected size change; use the `floor_json`/`code` checks in that block to
validate the intended outcome.

---

Nitpick comments:
In `@pkg/rest/volume_definitions.go`:
- Around line 812-843: The size validation in rejectVDPatchSize now has two
overlapping floor checks: rejectVDNonPositiveSize and rejectVDPatchOutOfBounds
both reject values below the minimum, with rejectVDPatchOutOfBounds already
covering non-positive sizes through validateVDSize. Consolidate the logic by
either folding the non-positive case into
rejectVDPatchOutOfBounds/validateVDSize with a specific error message, or keep
both paths but add a short comment explaining that rejectVDNonPositiveSize is
intentionally separate for the clearer “must be > 0” response. Ensure
rejectShrinkWithoutForce remains after the bounds checks.

In `@tests/integration/vd_resize_bounds_test.go`:
- Around line 121-131: The resize bounds integration test only checks that
sub-floor requests are non-2xx and leave stored size unchanged, so it can miss
the intended rejection contract. Update the `vdBoundsPut` assertions in
`tests/integration/vd_resize_bounds_test.go` to decode `body` into the
`apiv1.APICallRc` envelope and verify the returned ret-code/message matches
`FAIL_INVLD_VLM_SIZE` (including the expected cause/correction text), using the
same check in the `vdBoundsMinSizeKib`/`vdBoundsStoredSize` test cases so
regressions returning a different error still fail.
- Around line 85-104: vdBoundsStoredSize currently reads the RD CRD with an
unbounded context, which can hang the test if the apiserver stalls. Update the
Get call in vdBoundsStoredSize to use the same bounded timeout pattern as
vdBoundsPut, reusing groupGTimeout or an equivalent context with deadline so the
read fails fast instead of waiting indefinitely.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d847c010-a147-410f-9b49-73c18c32a0b9

📥 Commits

Reviewing files that changed from the base of the PR and between 02b88fb and 3591542.

📒 Files selected for processing (6)
  • pkg/rest/vd_put_size_bounds_round4_test.go
  • pkg/rest/volume_definitions.go
  • pkg/rest/volume_definitions_test.go
  • tests/e2e/cli-matrix/vd-resize-bounds-rejected.sh
  • tests/integration/vd_resize_bounds_test.go
  • tests/operator-harness/replay/vd-resize-bounds-rejected.yaml

Comment on lines +103 to +144
echo ">> over-ceiling grow vd s $RD 0 16385G (16 TiB + 1 GiB — MUST exit non-zero)"
err_file=$(mktemp)
if "${LCTL[@]}" volume-definition set-size "$RD" 0 16385G >"$err_file" 2>&1; then
echo "FAIL: over-ceiling grow (16 TiB + 1 GiB) unexpectedly succeeded" >&2
echo " size_kib > 16 TiB is unaddressable by DRBD — REST must reject." >&2
cat "$err_file" >&2
rm -f "$err_file"
exit 1
fi
if ! grep -qiE 'above maximum|maximum|ceiling|invalid volume definition size' "$err_file"; then
echo "FAIL: over-ceiling rejected but error text is unhelpful:" >&2
cat "$err_file" >&2
rm -f "$err_file"
exit 1
fi
rm -f "$err_file"

cur_kib=$(linstor_vd_size_kib "$RD" 0)
if (( cur_kib != SIZE_1G_KIB )); then
echo "FAIL: post-reject SizeKib=$cur_kib != $SIZE_1G_KIB (over-ceiling reject mutated state)" >&2
exit 1
fi

echo ">> below-floor force-shrink via raw REST PUT (3072 KiB, force=true — MUST be 400)"
floor_json=$(mktemp)
code=$(curl -s -m 5 -o "$floor_json" -w '%{http_code}' -X PUT \
-H 'Content-Type: application/json' \
-d '{"size_kib":3072,"force":true}' \
"http://localhost:${LCTL_PORT}/v1/resource-definitions/${RD}/volume-definitions/0")
if [[ "$code" != "400" ]]; then
echo "FAIL: below-floor force-shrink returned HTTP $code, want 400" >&2
cat "$floor_json" >&2
rm -f "$floor_json"
exit 1
fi
if ! grep -qiE 'below minimum|invalid volume definition size' "$floor_json"; then
echo "FAIL: 400 but envelope is not a size rejection:" >&2
cat "$floor_json" >&2
rm -f "$floor_json"
exit 1
fi
rm -f "$floor_json"

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Confirm the exact rejection message text emitted for out-of-bounds VD resize
fd volume_definitions.go pkg/rest --exec grep -n -i -A3 -B3 'FAIL_INVLD_VLM_SIZE\|maximum\|minimum' {}

Repository: cozystack/blockstor

Length of output: 1990


🌐 Web query:

cozystack blockstor rejectVDPatchSize rejectVDPatchOutOfBounds FAIL_INVLD_VLM_SIZE volume_definitions.go

💡 Result:

In the Cozystack blockstor project, rejectVDPatchSize, rejectVDPatchOutOfBounds, and FAIL_INVLD_VLM_SIZE are components of the system's volume management logic, primarily located within volume_definitions.go (specifically in the REST API and volume definition handling logic) [1]. These mechanisms are part of a safety guardrail system designed to prevent data loss during volume resizing operations, specifically volume shrinking [1]. 1. FAIL_INVLD_VLM_SIZE: This is an error code returned by the blockstor API (with an HTTP 400 status) when an operation attempts to shrink a volume [1]. 2. Rationale: Because every blockstor RD (Resource Definition) is backed by DRBD, and DRBD cannot shrink a volume past the on-disk metadata position without risking data destruction, the system defaults to rejecting all shrink operations [1]. 3. Escape Hatch: Users can bypass this restriction by including force=true (as a query parameter or body field) in the API request, which is intended for scenarios where the operator has already performed necessary filesystem-level actions (e.g., resize2fs -s) [1]. These definitions are integral to ensuring that blockstor maintains safe, predictable behavior when managing DRBD-backed storage in a Kubernetes environment [1][2].

Citations:


force=true should not be asserted as a rejection The REST force-shrink path is meant to bypass the size guard, so this call should not expect HTTP 400. If the intent is to test rejection, drop force=true; otherwise assert success and the resulting size change.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/e2e/cli-matrix/vd-resize-bounds-rejected.sh` around lines 103 - 144,
The `force=true` check in `vd-resize-bounds-rejected.sh` is asserting the wrong
behavior for the REST shrink path. Update the test around the raw PUT to
`volume-definitions/0` so it either removes `force=true` when verifying
rejection, or keeps `force=true` and asserts a successful resize plus the
expected size change; use the `floor_json`/`code` checks in that block to
validate the intended outcome.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant