fix(health): report BMC intrusion events#2782
Open
osu wants to merge 2 commits into
Open
Conversation
Signed-off-by: Hasan Khan <hasank@nvidia.com>
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Enterprise Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
Summary by CodeRabbit
WalkthroughA new ChangesBMC Intrusion Health Reporting
Sequence Diagram(s)sequenceDiagram
participant LogCollector
participant BmcIntrusionEventProcessor
participant HealthReportSink
LogCollector->>BmcIntrusionEventProcessor: CollectorEvent::Log(record)
BmcIntrusionEventProcessor->>BmcIntrusionEventProcessor: Extract body + message_args
BmcIntrusionEventProcessor->>BmcIntrusionEventProcessor: intrusion_event_state() keyword match
alt Alert keywords matched
BmcIntrusionEventProcessor->>HealthReportSink: HealthReport { alert: IntrusionSensorTriggered, PreventAllocations }
else Clear keywords matched
BmcIntrusionEventProcessor->>HealthReportSink: HealthReport { success: IntrusionSensorTriggered }
else No intrusion keywords
BmcIntrusionEventProcessor-->>LogCollector: Empty output (no report)
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
crates/health/src/processor/intrusion_events.rs (1)
201-261: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winConsolidate intrusion classification tests into a table-driven suite.
These tests call the same operation with varied inputs; converting to
value_scenarios!will reduce duplication and make edge-case additions (including ambiguous “normal + critical” phrasing) straightforward.As per coding guidelines, “Prefer table-driven tests… Reach for a table whenever two or more tests call the same operation with different inputs.” As per path instructions, “
crates/**/*.rs: … Prefer findings about behavior, concurrency, resource lifetimes, and missing tests over style-only comments.”🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@crates/health/src/processor/intrusion_events.rs` around lines 201 - 261, The tests emits_alert_for_physical_chassis_intrusion_log_body, emits_alert_for_intrusion_message_args, emits_success_for_cleared_intrusion_event, and emits_success_for_reset_intrusion_event all call the same operation emitted_report with different log inputs and verify different aspects of the result. Consolidate these four test functions into a single table-driven test using the value_scenarios! macro, where each row in the table represents one test case with its input parameters and expected assertions. This will reduce duplication and make it easier to add new edge cases in the future.Sources: Coding guidelines, Path instructions
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@crates/health/src/processor/intrusion_events.rs`:
- Around line 76-93: The intrusion event classification logic checks for clear
keywords before alert keywords, causing messages containing both
"normal"/"reset" and alert signals like "critical" to be misclassified as Clear.
Reorder the conditional blocks in the intrusion event state detection logic so
that the alert check (which includes keywords like "physical chassis intrusion
alert", "trigger", "triggered", "assert", "alert", "critical", "warning") runs
before the clear check (which includes "clear", "cleared", "deassert", "normal",
"reset"). This ensures that more specific alert signals take priority and
prevents broad keywords like "normal" from causing false clears.
---
Nitpick comments:
In `@crates/health/src/processor/intrusion_events.rs`:
- Around line 201-261: The tests
emits_alert_for_physical_chassis_intrusion_log_body,
emits_alert_for_intrusion_message_args,
emits_success_for_cleared_intrusion_event, and
emits_success_for_reset_intrusion_event all call the same operation
emitted_report with different log inputs and verify different aspects of the
result. Consolidate these four test functions into a single table-driven test
using the value_scenarios! macro, where each row in the table represents one
test case with its input parameters and expected assertions. This will reduce
duplication and make it easier to add new edge cases in the future.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Enterprise
Run ID: b077eb08-ae43-41a1-9373-34b63ac741d6
📒 Files selected for processing (6)
crates/health/src/lib.rscrates/health/src/processor/intrusion_events.rscrates/health/src/processor/mod.rscrates/health/src/sink/events.rsdeploy/nico-base/hardware-health/deployment.yamlhelm/charts/nico-hardware-health/values.yaml
|
Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually. Contributors can view more details about this message here. |
Signed-off-by: Hasan Khan <hasank@nvidia.com>
🔍 Container Scan Summary
Per-CVE detail lives in the per-service |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
IntrusionSensorTriggeredmachine health reportshardware-health.bmc-eventssource plusPreventAllocations/SensorCriticalclassifications for the generated alertValidation
PATH="$HOME/.rustup/toolchains/1.96.0-aarch64-apple-darwin/bin:$PATH" cargo test -p carbide-health intrusion --libPATH="$HOME/.rustup/toolchains/1.96.0-aarch64-apple-darwin/bin:$PATH" cargo test -p carbide-health sink::events --libPATH="$HOME/.rustup/toolchains/1.96.0-aarch64-apple-darwin/bin:$PATH" cargo test -p carbide-health --librustup run nightly-2026-06-16 rustfmt --check crates/health/src/processor/intrusion_events.rs crates/health/src/processor/mod.rs crates/health/src/lib.rs crates/health/src/sink/events.rsgit diff --checkhelm lint helm/charts/nico-hardware-healthhelm template nico-hardware-health helm/charts/nico-hardware-healthkubectl kustomize deploy/nico-base/hardware-healthBackend follow-up for #2671; complements #2772, which surfaces the resulting alert details on
/admin/managed-host.