feat(binding): support dynamic network selection for service bindings#57
Merged
haochenhu233 merged 5 commits intomainfrom Mar 5, 2026
Merged
Conversation
Contributor
itsouvalas
commented
Jan 28, 2026
itsouvalas
commented
- Extract network name from deployment manifest per instance group
- Use VM's actual network for DNS name and credential generation
- Fall back to BOSH_NETWORK env var when network info unavailable
- Enables multi-network BOSH deployments for service instances
There was a problem hiding this comment.
Pull request overview
This PR enables dynamic network selection for service bindings in multi-network BOSH deployments. The implementation extracts network names from deployment manifests per instance group and uses the VM's actual network for DNS name and credential generation, with fallback to the BOSH_NETWORK environment variable.
Changes:
- Added thread-safety mechanisms (mutexes) to shared resources in logger, vault client, and test utilities
- Implemented network extraction from BOSH deployment manifests to support per-instance-group network configuration
- Updated Vault client API calls to use newer method signatures
Reviewed changes
Copilot reviewed 10 out of 1266 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| pkg/vault/client.go | Updated Vault mount upgrade to use new API types and methods |
| pkg/reconciler/updater_test.go | Added mutex protection for thread-safe access to MockTestLogger messages |
| pkg/reconciler/test_vault_adapter_test.go | Added RWMutex for thread-safe access to test vault state |
| pkg/logger/logger.go | Implemented RWMutex to protect global logger instance access |
| internal/vault/vault.go | Added RWMutex for thread-safe client initialization with double-checked locking |
| internal/manifest/manifest.go | Added mutex to serialize spruce library calls and dynamic network selection per VM |
| internal/broker/rabbitmq_integration_test.go | Pre-initialized map entries to prevent concurrent map writes |
| internal/bosh/director_adapter.go | Added network extraction from manifests and assignment to VMs |
| internal/bosh/adapter.go | Added Network field to VM struct |
| go.mod | Updated Go version and multiple dependency versions |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Extract network name from deployment manifest per instance group - Use VM's actual network for DNS name and credential generation - Fall back to BOSH_NETWORK env var when network info unavailable - Enables multi-network BOSH deployments for service instances
Add proper mutex synchronization to fix race conditions detected by Go's race detector in CI. Fixes thread-unsafe lazy initialization in vault client, unprotected global logger access, and serializes calls to spruce library which has thread-unsafe global state.
- Update golang.org/x/crypto from v0.41.0 to v0.43.0 Fixes GO-2025-4116: Potential DoS in ssh/agent - Update hashicorp/vault replace directive from v1.20.3 to v1.21.0 Fixes GO-2025-4071: DoS when processing JSON - Update Go version from 1.25.1 to 1.25.5 Fixes GO-2025-4175, GO-2025-4155: crypto/x509 vulnerabilities
Update vault client to use TuneMountAllowNil API instead of deprecated TuneMount to fix staticcheck SA1019 warning after vault v1.21.0 upgrade.
itsouvalas
force-pushed
the
feature/dynamic-network-service-binding-main
branch
from
ab70884 to
034fefe
Compare
Contributor
|
Looks good to me |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.