fix(kubernetes): make MachineHealthCheck maxUnhealthy configurable

[myasnikovdaniil]

Same-repo mirror of #2752 by mattia-eleuteri, opened so the Build CI job can run. Fork PRs skip the OCIR registry login (if: !github.event.pull_request.head.repo.fork in pull-requests.yaml) and so can't push the per-PR images the build needs — meaning a fork PR can never pass Build, regardless of the change. The commits here are unchanged and authored by mattia-eleuteri; full description and discussion in #2752.

Supersedes #2752.

fix(kubernetes): MachineHealthCheck `maxUnhealthy` is now configurable per node group (default `100%`), restoring worker-node auto-remediation that was previously disabled by a hardcoded value of `0`.

Summary by CodeRabbit

• New Features

  • Added configurable maxUnhealthy parameter for node groups, allowing users to specify the maximum number of unhealthy nodes (as integer or percentage) tolerated before automatic remediation is halted. Defaults to "100%".

• Documentation

  • Updated configuration documentation and schema to describe the new maxUnhealthy parameter and its default behavior.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c61949f3-1172-48d4-a74e-dddbf6529e0f

📥 Commits

Reviewing files that changed from the base of the PR and between 39f3ac7 and 6a9047d.

📒 Files selected for processing (6)

• api/apps/v1alpha1/kubernetes/types.go
• packages/apps/kubernetes/README.md
• packages/apps/kubernetes/templates/cluster.yaml
• packages/apps/kubernetes/values.schema.json
• packages/apps/kubernetes/values.yaml
• packages/system/kubernetes-rd/cozyrds/kubernetes.yaml

---

📝 Walkthrough

Walkthrough

Adds a configurable maxUnhealthy field (string, default "100%") to the Kubernetes node group configuration. The field is defined on the NodeGroup Go struct with kubebuilder markers, propagated through Helm values.yaml, values.schema.json, and the MachineHealthCheck template (replacing a hardcoded 0), and reflected in the ApplicationDefinition openAPISchema and README.

Changes

maxUnhealthy field for NodeGroup MachineHealthCheck

Layer / File(s)	Summary
NodeGroup.MaxUnhealthy field definition and schema api/apps/v1alpha1/kubernetes/types.go, packages/apps/kubernetes/values.yaml, packages/apps/kubernetes/values.schema.json	MaxUnhealthy is added to the NodeGroup Go struct with +kubebuilder:default="100%" and description markers; maxUnhealthy: "100%" is added to the values.yaml typedef and md0 example; the JSON schema gains the field as a string with default "100%" and a description accepting integer or percentage values.
Template rendering, ApplicationDefinition schema, and docs packages/apps/kubernetes/templates/cluster.yaml, packages/system/kubernetes-rd/cozyrds/kubernetes.yaml, packages/apps/kubernetes/README.md	MachineHealthCheck.spec.maxUnhealthy in the Helm template switches from the constant 0 to {{ $group.maxUnhealthy | default "100%" | quote }}; the ApplicationDefinition openAPISchema and keysOrder metadata are updated to include the new field; the README parameters table gains the nodeGroups[name].maxUnhealthy row.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐇 A node group once fixed at zero's cold grip,
Now freely admits a full hundred percent slip.
The MachineHealthCheck breathes with configurable grace,
A default of "100%" set firmly in place.
Schemas and templates all neatly aligned —
No unhealthy surprise left behind!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: making MachineHealthCheck's maxUnhealthy parameter configurable, which is the central objective of the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/kubernetes-mhc-maxunhealthy

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a configurable maxUnhealthy parameter for MachineHealthCheck in the Kubernetes node group configuration. By making this value configurable (defaulting to '100%'), it restores the auto-remediation capabilities for worker nodes that were previously limited by a hardcoded value of 0.

Highlights

• Configuration: Added the maxUnhealthy field to the NodeGroup configuration, allowing users to define the tolerance for unhealthy nodes before auto-remediation stops.
• Defaults: Set the default value for maxUnhealthy to '100%', restoring worker-node auto-remediation functionality.
• Documentation: Updated the README and Helm values schema to include the new maxUnhealthy configuration option.

New Features

🧠 You can now enable Memory (public preview) to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	Gemini (@gemini-code-assist)	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize the Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counterproductive. You can react with 👍 and 👎 on Gemini (@gemini-code-assist) comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new maxUnhealthy configuration option for Kubernetes node groups, allowing users to specify the maximum number or percentage of unhealthy nodes tolerated before auto-remediation stops. This option is integrated across API types, Helm templates, values schemas, and documentation. Feedback on the changes highlights a bug in the Helm template where using the default function overrides a valid 0 value with "100%", and suggests using hasKey to correctly preserve falsy values.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

[gemini-code-assist]

Using the default function in Helm/Go templates treats falsy values like 0 (integer) as empty, which causes them to be overridden by the default value ("100%"). Since 0 is a valid value for maxUnhealthy (used to explicitly disable auto-remediation), this will prevent users from setting maxUnhealthy: 0 as an integer in their values.

Using hasKey allows us to check if the key is explicitly defined in the node group map, preserving 0 or any other falsy values.

  maxUnhealthy: {{ if hasKey $group "maxUnhealthy" }}{{ $group.maxUnhealthy | quote }}{{ else }}"100%"{{ end }}