NETOBSERV-2471: Allow space in filtered values

[jotak]

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
  • Standard QE validation, with pre-merge tests unless stated otherwise.
  • Regression tests only (e.g. refactoring with no user-facing change).
  • No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

  • Flow query filters now accept space characters in filter values.

• New Features

  • Record panel: added multi-value "any-of" filter for TLS types.

• Improvements

  • Buffered HTTP/2 priority updates for better scheduling.
  • Terminal: added Delete and Transpose key behaviors.

• Chores

  • Updated Go dependency versions.
  • Removed several unused vendored CLI flag and kubeconfig packages.

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign oliviercazade for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• DOWNSTREAM_OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Updated module/vendor dependency versions; removed large vendored libraries (goflow2, pflag) and many k8s clientcmd/auth files; allowed spaces in Loki filter values and expanded tests; added TLS-related frontend columns/filters and sample-config changes; small golang.org/x/* adjustments.

Changes

Cohort / File(s)	Summary
Module & vendor manifests go.mod, vendor/modules.txt	Bumped indirect deps (netobserv/flowlogs-pipeline → v1.11.2-community; golang.org/x/net, x/sys, x/term, x/text); removed vendor entries for github.com/netsampler/goflow2 and github.com/spf13/pflag.
Loki parsing & tests pkg/loki/flow_query.go, pkg/loki/query_test.go	Allowed literal space in filter regex; addFilter replaces spaces with %20 before splitting; test renamed to TestQuery_AuthorizedChars and extended to validate allowed chars and backquote error.
Large vendor removals: goflow2 vendor/github.com/netsampler/goflow2/...	Removed goflow2 vendored package: decoders (ipfix, netflow, nfv9, netflowlegacy), sflow, templates, utils, producer mapping/producer_* files, pb/flow.proto, LICENSE and related files.
Large vendor removals: pflag vendor/github.com/spf13/pflag/...	Removed vendored pflag library: core flag implementation, typed flag files (many numeric/slice/string/time/bytes types), errors, docs/config/CI, LICENSE, and ancillary files.
Kubernetes clientcmd/auth removals vendor/k8s.io/client-go/tools/clientcmd/..., vendor/k8s.io/client-go/tools/auth/..., vendor/k8s.io/client-go/util/homedir/...	Deleted clientcmd/clientconfig/loader/merge/overrides/validation/generated conversion/deepcopy/defaults, auth loaders, auth Info types, homedir util, docs/OWNERS and related artifacts.
Netobserv vendor tweaks vendor/github.com/netobserv/flowlogs-pipeline/pkg/api/ingest_ipfix.go, vendor/.../pkg/utils/kubernetes.go	Replaced producer.NetFlowMapField with local NetFlowMapField type; removed LoadK8sConfig function.
golang.org/x updates & runtime tweaks vendor/golang.org/x/net/..., vendor/golang.org/x/sys/..., vendor/golang.org/x/term/...	HTTP2: buffer PRIORITY_UPDATE for closed streams; x/sys: constant renames, new prefix types/structs, plan9/windows Signal alias changes; term: add keyDelete/keyTranspose and handling.
Frontend config & UI config/sample-config.yaml, web/src/components/drawer/record/record-panel.tsx, web/src/utils/columns.ts	Added TLS columns/filters (TLSVersion, TLSCipherSuite, TLSCurve, TLSTypes), adjusted protocol column groups/labels and filter hints/placeholders; added TLSTypes ColumnsId and drawer any-of filter handler getGenericAnyOfFilter.

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~120 minutes

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

Release Notes

• New Features

• Filter validation now supports space characters in filter values, enabling more flexible query parameters.

• Improvements

• Updated Go language dependencies for enhanced performance and security (golang.org/x/net, golang.org/x/sys, golang.org/x/term, golang.org/x/text).
• Refactored network events processing for improved maintainability.

• Tests

• Added test coverage for authorized characters in filter requests.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

pkg/loki/flow_query.go (1)

25-26: Comment is stale; consider clarifying hyphen placement.

The comment on line 25 doesn't mention that spaces are now allowed. Also, placing the hyphen explicitly at the end of the character class (e.g., [\w _.,"*:/-]) would make the regex intent clearer.

Suggested fix

-// can contains only alphanumeric / '-' / '_' / '.' / ',' / '"' / '*' / ':' / '/' characteres
-var filterRegexpValidation = regexp.MustCompile(`^[\w -_.,\"*:/]*$`)
+// can contain only alphanumeric / space / '-' / '_' / '.' / ',' / '"' / '*' / ':' / '/' characters
+var filterRegexpValidation = regexp.MustCompile(`^[\w _.,"*:/-]*$`)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@pkg/loki/flow_query.go` around lines 25 - 26, The comment for
filterRegexpValidation is outdated and the hyphen inside the character class is
ambiguous; update the comment to note that spaces are allowed and clarify
allowed characters, and adjust the regexp in filterRegexpValidation to place the
hyphen at the end of the class (e.g., move '-' to the end) so its intent is
unambiguous while preserving existing allowed characters (alphanumeric, space,
'_', '.', ',', '"', '*', ':', '/'); ensure the variable name
filterRegexpValidation is updated with the new regex and the comment reflects
the exact allowed set.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@vendor/modules.txt`:
- Around line 80-82: The replace directive currently points to a personal fork
"github.com/jotak/netobserv-agent v0.0.0-20260331075254-f72ba0ce9bde" instead of
the official module; switch the replacement back to the official module name
"github.com/netobserv/netobserv-ebpf-agent" and use a proper released semantic
version (e.g., v1.11.2-community or a newer official release) rather than the
pseudo-version, then run dependency update (go mod tidy / vendor refresh) so
vendor/modules.txt (the line showing "github.com/netobserv/netobserv-ebpf-agent
... => github.com/jotak/netobserv-agent ...") is regenerated with the official
release.

---

Nitpick comments:
In `@pkg/loki/flow_query.go`:
- Around line 25-26: The comment for filterRegexpValidation is outdated and the
hyphen inside the character class is ambiguous; update the comment to note that
spaces are allowed and clarify allowed characters, and adjust the regexp in
filterRegexpValidation to place the hyphen at the end of the class (e.g., move
'-' to the end) so its intent is unambiguous while preserving existing allowed
characters (alphanumeric, space, '_', '.', ',', '"', '*', ':', '/'); ensure the
variable name filterRegexpValidation is updated with the new regex and the
comment reflects the exact allowed set.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9dbfc6df-f8c7-4e66-9063-da8d75c67907

📥 Commits

Reviewing files that changed from the base of the PR and between 48d48a8 and c7a66e6.

⛔ Files ignored due to path filters (2)

• go.sum is excluded by !**/*.sum
• vendor/github.com/netsampler/goflow2/pb/flow.pb.go is excluded by !**/*.pb.go

📒 Files selected for processing (104)

• go.mod
• pkg/decoders/network-events.go
• pkg/loki/flow_query.go
• pkg/loki/query_test.go
• vendor/github.com/netobserv/flowlogs-pipeline/pkg/api/ingest_ipfix.go
• vendor/github.com/netobserv/flowlogs-pipeline/pkg/utils/kubernetes.go
• vendor/github.com/netobserv/netobserv-ebpf-agent/pkg/utils/network_events.go
• vendor/github.com/netobserv/netobserv-ebpf-agent/pkg/utils/networkevents/network_events.go
• vendor/github.com/netobserv/netobserv-ebpf-agent/pkg/utils/utils.go
• vendor/github.com/netsampler/goflow2/LICENSE
• vendor/github.com/netsampler/goflow2/decoders/netflow/ipfix.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/netflow.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/nfv9.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/packet.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/templates/templates.go
• vendor/github.com/netsampler/goflow2/decoders/netflowlegacy/netflow.go
• vendor/github.com/netsampler/goflow2/decoders/netflowlegacy/packet.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/datastructure.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/packet.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/sflow.go
• vendor/github.com/netsampler/goflow2/decoders/utils/utils.go
• vendor/github.com/netsampler/goflow2/pb/flow.proto
• vendor/github.com/netsampler/goflow2/producer/producer_nf.go
• vendor/github.com/netsampler/goflow2/producer/producer_nflegacy.go
• vendor/github.com/netsampler/goflow2/producer/producer_sf.go
• vendor/github.com/netsampler/goflow2/producer/reflect.go
• vendor/github.com/spf13/pflag/.editorconfig
• vendor/github.com/spf13/pflag/.gitignore
• vendor/github.com/spf13/pflag/.golangci.yaml
• vendor/github.com/spf13/pflag/.travis.yml
• vendor/github.com/spf13/pflag/LICENSE
• vendor/github.com/spf13/pflag/README.md
• vendor/github.com/spf13/pflag/bool.go
• vendor/github.com/spf13/pflag/bool_func.go
• vendor/github.com/spf13/pflag/bool_slice.go
• vendor/github.com/spf13/pflag/bytes.go
• vendor/github.com/spf13/pflag/count.go
• vendor/github.com/spf13/pflag/duration.go
• vendor/github.com/spf13/pflag/duration_slice.go
• vendor/github.com/spf13/pflag/errors.go
• vendor/github.com/spf13/pflag/flag.go
• vendor/github.com/spf13/pflag/float32.go
• vendor/github.com/spf13/pflag/float32_slice.go
• vendor/github.com/spf13/pflag/float64.go
• vendor/github.com/spf13/pflag/float64_slice.go
• vendor/github.com/spf13/pflag/func.go
• vendor/github.com/spf13/pflag/golangflag.go
• vendor/github.com/spf13/pflag/int.go
• vendor/github.com/spf13/pflag/int16.go
• vendor/github.com/spf13/pflag/int32.go
• vendor/github.com/spf13/pflag/int32_slice.go
• vendor/github.com/spf13/pflag/int64.go
• vendor/github.com/spf13/pflag/int64_slice.go
• vendor/github.com/spf13/pflag/int8.go
• vendor/github.com/spf13/pflag/int_slice.go
• vendor/github.com/spf13/pflag/ip.go
• vendor/github.com/spf13/pflag/ip_slice.go
• vendor/github.com/spf13/pflag/ipmask.go
• vendor/github.com/spf13/pflag/ipnet.go
• vendor/github.com/spf13/pflag/ipnet_slice.go
• vendor/github.com/spf13/pflag/string.go
• vendor/github.com/spf13/pflag/string_array.go
• vendor/github.com/spf13/pflag/string_slice.go
• vendor/github.com/spf13/pflag/string_to_int.go
• vendor/github.com/spf13/pflag/string_to_int64.go
• vendor/github.com/spf13/pflag/string_to_string.go
• vendor/github.com/spf13/pflag/text.go
• vendor/github.com/spf13/pflag/time.go
• vendor/github.com/spf13/pflag/uint.go
• vendor/github.com/spf13/pflag/uint16.go
• vendor/github.com/spf13/pflag/uint32.go
• vendor/github.com/spf13/pflag/uint64.go
• vendor/github.com/spf13/pflag/uint8.go
• vendor/github.com/spf13/pflag/uint_slice.go
• vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go
• vendor/golang.org/x/sys/plan9/syscall_plan9.go
• vendor/golang.org/x/sys/unix/ztypes_linux.go
• vendor/golang.org/x/sys/windows/aliases.go
• vendor/golang.org/x/sys/windows/syscall_windows.go
• vendor/golang.org/x/term/terminal.go
• vendor/k8s.io/client-go/tools/auth/OWNERS
• vendor/k8s.io/client-go/tools/auth/clientauth.go
• vendor/k8s.io/client-go/tools/clientcmd/api/latest/latest.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/conversion.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/defaults.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/register.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.conversion.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.defaults.go
• vendor/k8s.io/client-go/tools/clientcmd/auth_loaders.go
• vendor/k8s.io/client-go/tools/clientcmd/client_config.go
• vendor/k8s.io/client-go/tools/clientcmd/config.go
• vendor/k8s.io/client-go/tools/clientcmd/doc.go
• vendor/k8s.io/client-go/tools/clientcmd/flag.go
• vendor/k8s.io/client-go/tools/clientcmd/helpers.go
• vendor/k8s.io/client-go/tools/clientcmd/loader.go
• vendor/k8s.io/client-go/tools/clientcmd/merge.go
• vendor/k8s.io/client-go/tools/clientcmd/merged_client_builder.go
• vendor/k8s.io/client-go/tools/clientcmd/overrides.go
• vendor/k8s.io/client-go/tools/clientcmd/validation.go
• vendor/k8s.io/client-go/util/homedir/homedir.go
• vendor/modules.txt

💤 Files with no reviewable changes (92)

• vendor/github.com/spf13/pflag/.editorconfig
• vendor/github.com/spf13/pflag/.travis.yml
• vendor/k8s.io/client-go/tools/auth/clientauth.go
• vendor/github.com/netsampler/goflow2/LICENSE
• vendor/github.com/spf13/pflag/.golangci.yaml
• vendor/github.com/spf13/pflag/LICENSE
• vendor/github.com/netsampler/goflow2/pb/flow.proto
• vendor/github.com/spf13/pflag/.gitignore
• vendor/github.com/netsampler/goflow2/decoders/netflow/templates/templates.go
• vendor/github.com/spf13/pflag/string_slice.go
• vendor/github.com/spf13/pflag/bool_func.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/doc.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/packet.go
• vendor/k8s.io/client-go/tools/auth/OWNERS
• vendor/k8s.io/client-go/tools/clientcmd/flag.go
• vendor/github.com/netobserv/netobserv-ebpf-agent/pkg/utils/utils.go
• vendor/github.com/spf13/pflag/uint8.go
• vendor/github.com/netsampler/goflow2/decoders/netflowlegacy/packet.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/register.go
• vendor/k8s.io/client-go/tools/clientcmd/helpers.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.defaults.go
• vendor/github.com/spf13/pflag/string_to_int64.go
• vendor/github.com/spf13/pflag/int_slice.go
• vendor/github.com/spf13/pflag/text.go
• vendor/github.com/netobserv/netobserv-ebpf-agent/pkg/utils/network_events.go
• vendor/golang.org/x/sys/windows/syscall_windows.go
• vendor/github.com/spf13/pflag/uint64.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/defaults.go
• vendor/github.com/netsampler/goflow2/producer/producer_nflegacy.go
• vendor/github.com/spf13/pflag/func.go
• vendor/github.com/netobserv/flowlogs-pipeline/pkg/utils/kubernetes.go
• vendor/k8s.io/client-go/util/homedir/homedir.go
• vendor/github.com/spf13/pflag/uint16.go
• vendor/k8s.io/client-go/tools/clientcmd/api/latest/latest.go
• vendor/k8s.io/client-go/tools/clientcmd/auth_loaders.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/nfv9.go
• vendor/github.com/spf13/pflag/ip_slice.go
• vendor/github.com/spf13/pflag/README.md
• vendor/github.com/spf13/pflag/int64_slice.go
• vendor/github.com/spf13/pflag/float32_slice.go
• vendor/github.com/spf13/pflag/bool_slice.go
• vendor/github.com/spf13/pflag/bool.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/sflow.go
• vendor/github.com/spf13/pflag/int.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.conversion.go
• vendor/k8s.io/client-go/tools/clientcmd/merged_client_builder.go
• vendor/github.com/spf13/pflag/uint32.go
• vendor/k8s.io/client-go/tools/clientcmd/merge.go
• vendor/github.com/spf13/pflag/errors.go
• vendor/github.com/spf13/pflag/duration.go
• vendor/github.com/spf13/pflag/int8.go
• vendor/github.com/spf13/pflag/int16.go
• vendor/github.com/netsampler/goflow2/decoders/utils/utils.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/ipfix.go
• vendor/github.com/spf13/pflag/time.go
• vendor/k8s.io/client-go/tools/clientcmd/doc.go
• vendor/github.com/spf13/pflag/int32_slice.go
• vendor/github.com/spf13/pflag/golangflag.go
• vendor/github.com/spf13/pflag/int64.go
• vendor/github.com/spf13/pflag/ip.go
• vendor/github.com/spf13/pflag/float32.go
• vendor/k8s.io/client-go/tools/clientcmd/config.go
• vendor/github.com/spf13/pflag/count.go
• vendor/github.com/spf13/pflag/duration_slice.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/types.go
• vendor/github.com/spf13/pflag/int32.go
• vendor/github.com/netsampler/goflow2/producer/reflect.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/netflow.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/zz_generated.deepcopy.go
• vendor/github.com/netsampler/goflow2/decoders/netflowlegacy/netflow.go
• vendor/github.com/spf13/pflag/ipnet.go
• vendor/github.com/spf13/pflag/bytes.go
• vendor/k8s.io/client-go/tools/clientcmd/api/v1/conversion.go
• vendor/github.com/spf13/pflag/flag.go
• vendor/github.com/netsampler/goflow2/producer/producer_sf.go
• vendor/github.com/netsampler/goflow2/decoders/sflow/datastructure.go
• vendor/github.com/spf13/pflag/float64_slice.go
• vendor/github.com/spf13/pflag/ipnet_slice.go
• vendor/github.com/spf13/pflag/uint_slice.go
• vendor/k8s.io/client-go/tools/clientcmd/client_config.go
• vendor/github.com/spf13/pflag/string_to_int.go
• vendor/github.com/spf13/pflag/float64.go
• vendor/github.com/netsampler/goflow2/producer/producer_nf.go
• vendor/k8s.io/client-go/tools/clientcmd/validation.go
• vendor/github.com/spf13/pflag/ipmask.go
• vendor/k8s.io/client-go/tools/clientcmd/overrides.go
• vendor/github.com/spf13/pflag/string_array.go
• vendor/github.com/spf13/pflag/string.go
• vendor/k8s.io/client-go/tools/clientcmd/loader.go
• vendor/github.com/spf13/pflag/string_to_string.go
• vendor/github.com/spf13/pflag/uint.go
• vendor/github.com/netsampler/goflow2/decoders/netflow/packet.go

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check if the dependent PR in netobserv-ebpf-agent is merged
gh pr view 815 --repo netobserv/netobserv-ebpf-agent --json state,mergedAt

Repository: netobserv/netobserv-web-console

Length of output: 173

---

🏁 Script executed:

# First, locate and examine the go.mod file
find . -name "go.mod" -type f | head -5

Repository: netobserv/netobserv-web-console

Length of output: 83

---

🏁 Script executed:

# Search for references to the netobserv-agent fork and related TODOs/notes
rg "jotak/netobserv-agent|netobserv-ebpf-agent" -i --type-list | head -20

Repository: netobserv/netobserv-web-console

Length of output: 464

---

🏁 Script executed:

# Look for any related comments or context about this replacement
rg "replace.*netobserv|fork|temporary|development" -i -A 2 -B 2

Repository: netobserv/netobserv-web-console

Length of output: 50388

---

🏁 Script executed:

cat -n go.mod | head -100

Repository: netobserv/netobserv-web-console

Length of output: 3531

---

🏁 Script executed:

# Search for any TODO or comments related to this fork replacement
rg "TODO|FIXME|temporary|develop" go.mod -i -B 2 -A 2

Repository: netobserv/netobserv-web-console

Length of output: 57

---

🏁 Script executed:

# Search for references to netobserv-agent or related fork context
rg "jotak|netobserv-agent" -i --type go

Repository: netobserv/netobserv-web-console

Length of output: 57

---

Replace directive points to a personal fork with a pseudo-version.

The module is replaced with github.com/jotak/netobserv-agent using a development pseudo-version (v0.0.0-20260331075254-f72ba0ce9bde). Ensure this is updated to the official github.com/netobserv/netobserv-ebpf-agent release before merging to main.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@vendor/modules.txt` around lines 80 - 82, The replace directive currently
points to a personal fork "github.com/jotak/netobserv-agent
v0.0.0-20260331075254-f72ba0ce9bde" instead of the official module; switch the
replacement back to the official module name
"github.com/netobserv/netobserv-ebpf-agent" and use a proper released semantic
version (e.g., v1.11.2-community or a newer official release) rather than the
pseudo-version, then run dependency update (go mod tidy / vendor refresh) so
vendor/modules.txt (the line showing "github.com/netobserv/netobserv-ebpf-agent
... => github.com/jotak/netobserv-agent ...") is regenerated with the official
release.

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

• Flow query filters now accept space characters in filter values.

• Improvements

• Enhanced HTTP/2 priority scheduling with buffered priority updates.

• Improved terminal key handling for delete and transpose operations.

• Chores

• Updated Go standard libraries (net, sys, term, text) to latest versions.

• Updated flowlogs-pipeline dependency to v1.11.2.

• Removed unused Kubernetes kubeconfig and pflag dependencies.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[github-actions]

New image:

quay.io/netobserv/network-observability-console-plugin:ea51880

It will expire in two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=ea51880 make set-plugin-image

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

• Flow query filters now accept space characters in filter values.

• New Features

• Record panel: added multi-value "any-of" filter for TLS types.

• Improvements

• Buffered HTTP/2 priority updates for better scheduling.

• Terminal: added delete and transpose key behaviors.

• Chores

• Updated Go libraries and flowlogs-pipeline to newer versions.

• Removed several unused vendored packages (CLI flag helpers and kubeconfig tooling).

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[github-actions]

New image:

quay.io/netobserv/network-observability-console-plugin:502d5d0

It will expire in two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=502d5d0 make set-plugin-image

[coderabbitai]

🧹 Nitpick comments (1)

web/src/components/drawer/record/record-panel.tsx (1)

238-267: Implementation follows established patterns.

The function correctly mirrors getGenericFilter but handles multi-value scenarios. One optional style improvement:

♻️ Use ES6 shorthand property syntax

-      const filterValues: FilterValue[] = values.map(v => ({v: v}));
+      const filterValues: FilterValue[] = values.map(v => ({ v }));

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@web/src/components/drawer/record/record-panel.tsx` around lines 238 - 267,
The implementation of getGenericAnyOfFilter should use ES6 object property
shorthand where possible to make the code cleaner; update object literals like {
def: def, compare: FilterCompare.equal } and { v: v } to use shorthand ({ def,
compare: FilterCompare.equal } and { v }) and similarly other places
constructing filter objects so they use shorthand properties (e.g.,
newFilters.push({ def, compare: FilterCompare.equal, values: filterValues }) and
the returned object with isDelete) while keeping all logic in
getGenericAnyOfFilter, references to filterDefinitions, filters, setFilters,
filterKey, filterValues and isDelete intact.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@web/src/components/drawer/record/record-panel.tsx`:
- Around line 238-267: The implementation of getGenericAnyOfFilter should use
ES6 object property shorthand where possible to make the code cleaner; update
object literals like { def: def, compare: FilterCompare.equal } and { v: v } to
use shorthand ({ def, compare: FilterCompare.equal } and { v }) and similarly
other places constructing filter objects so they use shorthand properties (e.g.,
newFilters.push({ def, compare: FilterCompare.equal, values: filterValues }) and
the returned object with isDelete) while keeping all logic in
getGenericAnyOfFilter, references to filterDefinitions, filters, setFilters,
filterKey, filterValues and isDelete intact.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 6228387a-391f-48b3-a1d1-e69a1d4e4082

📥 Commits

Reviewing files that changed from the base of the PR and between e41a612 and 4588c81.

📒 Files selected for processing (3)

• pkg/loki/flow_query.go
• web/src/components/drawer/record/record-panel.tsx
• web/src/utils/columns.ts

✅ Files skipped from review due to trivial changes (1)

• pkg/loki/flow_query.go

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

• Flow query filters now accept space characters in filter values.

• New Features

• Record panel: added multi-value "any-of" filter for TLS types.

• Improvements

• Buffered HTTP/2 priority updates for improved scheduling.

• Terminal: added Delete and Transpose key behaviors.

• Chores

• Updated Go dependencies and flowlogs-pipeline.

• Removed several unused vendored CLI flag and kubeconfig packages.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[github-actions]

New image:

quay.io/netobserv/network-observability-console-plugin:7034ec3

It will expire in two weeks.

To deploy this build, run from the operator repo, assuming the operator is running:

USER=netobserv VERSION=7034ec3 make set-plugin-image

[Amoghrd]

/label qe-approved

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

• Flow query filters now accept space characters in filter values.

• New Features

• Record panel: added multi-value "any-of" filter for TLS types.

• Improvements

• Buffered HTTP/2 priority updates for improved scheduling.

• Terminal: added Delete and Transpose key behaviors.

• Chores

• Updated Go dependencies and flowlogs-pipeline.

• Removed several unused vendored CLI flag and kubeconfig packages.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[jpinsonneau]

nit: add the space in the comment above

[jotak]

done

[jpinsonneau]

Can you please update https://github.com/netobserv/netobserv-web-console/blob/main/config/sample-config.yaml too ?

[jotak]

done

[openshift-ci-robot]

@jotak: This pull request references NETOBSERV-2471 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.22.0" version, but no target version was set.

Details

In response to this:

Description

Allow space in filtered values

Dependencies

• Agent PR: NETOBSERV-2471: TLS usage tracking netobserv-ebpf-agent#815
• Operator: NETOBSERV-2471: TLSTracking feature knob, TLS fields netobserv-operator#2124
• FLP: NETOBSERV-2471: TLS usage tracking (bump agent) flowlogs-pipeline#1119

Checklist

• Does the changes in PR need specific configuration or environment set up for testing?
  • if so please describe it in PR description.
• I have added thorough unit tests for the change.
• QE requirements (check 1 from the list):
• Standard QE validation, with pre-merge tests unless stated otherwise.
• Regression tests only (e.g. refactoring with no user-facing change).
• No QE (e.g. trivial change with high reviewer's confidence, or per agreement with the QE team).

Summary by CodeRabbit

• Bug Fixes

• Flow query filters now accept space characters in filter values.

• New Features

• Record panel: added multi-value "any-of" filter for TLS types.

• Improvements

• Buffered HTTP/2 priority updates for better scheduling.

• Terminal: added Delete and Transpose key behaviors.

• Chores

• Updated Go dependency versions.

• Removed several unused vendored CLI flag and kubeconfig packages.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

config/sample-config.yaml (1)

986-997: ⚠️ Potential issue | 🟡 Minor

Update the examples to match the new multi-value input.

This block now advertises comma-separated values, but the examples still say Specify a single .... The same mismatch is repeated in the mirrored source/destination/name/owner/node examples below.

Suggested wording

       examples: |-
-        Specify a single kubernetes name following these rules:
+        Specify one or more kubernetes names following these rules:
+            - Separate values with commas; spaces after commas are allowed, e.g. netobserv, kube-system
             - Containing any alphanumeric, hyphen, underscrore or dot character

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@config/sample-config.yaml` around lines 986 - 997, The examples text under
the placeholder/hint for the kubernetes filters (e.g., the block with id:
src_namespace and the mirrored source/destination/name/owner/node blocks) still
says "Specify a single kubernetes name" but the input now accepts
comma-separated multi-values; update the wording to reflect multi-value input
(e.g., "Specify one or more kubernetes names separated by commas, following
these rules:") and keep the same bullet rules and examples; apply the same
phrasing change to each mirrored block (src_namespace and its
destination/name/owner/node counterparts) so the documentation matches the new
multi-value behaviour.

🧹 Nitpick comments (1)

config/sample-config.yaml (1)

692-714: Keep tlsTracking in sync with the typed feature model.

These additions introduce a new feature literal, but web/src/model/config.ts:8-17 still omits tlsTracking from Feature. That leaves this gate as an unchecked config string.

Suggested follow-up

 export type Feature =
   | 'multiCluster'
   | 'zones'
   | 'pktDrop'
   | 'dnsTracking'
   | 'flowRTT'
   | 'udnMapping'
   | 'packetTranslation'
   | 'networkEvents'
-  | 'ipsec';
+  | 'ipsec'
+  | 'tlsTracking';

Also applies to: 1402-1425

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@config/sample-config.yaml` around lines 692 - 714, The config added a new
feature literal "tlsTracking" but the typed Feature model (the Feature type/enum
in web/src/model/config.ts, currently defined around the top of that file)
doesn't include it; update the Feature definition to include "tlsTracking" (or
add it to the Feature enum/union) so the config string is type-checked, and scan
usages of Feature (e.g., any code referencing Feature, validateFeature, or
feature gates) to ensure they accept the new value as well.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@config/sample-config.yaml`:
- Line 28: Uncommented sample Alertmanager URL currently sits at the same
indentation as prometheus.url and will be parsed as a second prometheus.url;
move/uncomment that line so it is nested under the alertManager key (i.e., make
it prometheus.alertManager.url by indenting the "url: https://localhost:9094"
line under the existing alertManager block) so the URL is associated with
alertManager rather than the top-level prometheus.url.
- Around line 1523-1526: The YAML fragment contains a duplicated key
"placeholder" (same value 'E.g: NoError, NXDomain, NotAuth') which will break
strict YAML parsers; remove the second occurrence (the duplicate "placeholder"
adjacent to the "hint" and "examples" keys) so only one "placeholder" key
remains in the block that includes the "hint" and "examples" entries.

---

Outside diff comments:
In `@config/sample-config.yaml`:
- Around line 986-997: The examples text under the placeholder/hint for the
kubernetes filters (e.g., the block with id: src_namespace and the mirrored
source/destination/name/owner/node blocks) still says "Specify a single
kubernetes name" but the input now accepts comma-separated multi-values; update
the wording to reflect multi-value input (e.g., "Specify one or more kubernetes
names separated by commas, following these rules:") and keep the same bullet
rules and examples; apply the same phrasing change to each mirrored block
(src_namespace and its destination/name/owner/node counterparts) so the
documentation matches the new multi-value behaviour.

---

Nitpick comments:
In `@config/sample-config.yaml`:
- Around line 692-714: The config added a new feature literal "tlsTracking" but
the typed Feature model (the Feature type/enum in web/src/model/config.ts,
currently defined around the top of that file) doesn't include it; update the
Feature definition to include "tlsTracking" (or add it to the Feature
enum/union) so the config string is type-checked, and scan usages of Feature
(e.g., any code referencing Feature, validateFeature, or feature gates) to
ensure they accept the new value as well.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 60c7a961-cef6-487c-96b5-dc9569f9aec0

📥 Commits

Reviewing files that changed from the base of the PR and between 4c1158b and 2fc9198.

📒 Files selected for processing (2)

• config/sample-config.yaml
• pkg/loki/flow_query.go

✅ Files skipped from review due to trivial changes (1)

• pkg/loki/flow_query.go

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Indent the sample Alertmanager URL under alertManager.

Uncommenting Line 28 as-is turns it into a second prometheus.url, not prometheus.alertManager.url.

Suggested fix

   alertManager:
-  # url: https://localhost:9094
+    # url: https://localhost:9094

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	# url: https://localhost:9094
	alertManager:
	# url: https://localhost:9094

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@config/sample-config.yaml` at line 28, Uncommented sample Alertmanager URL
currently sits at the same indentation as prometheus.url and will be parsed as a
second prometheus.url; move/uncomment that line so it is nested under the
alertManager key (i.e., make it prometheus.alertManager.url by indenting the
"url: https://localhost:9094" line under the existing alertManager block) so the
URL is associated with alertManager rather than the top-level prometheus.url.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
from pathlib import Path

path = Path("config/sample-config.yaml")
lines = path.read_text().splitlines()

start = next(i for i, line in enumerate(lines) if line.strip() == "- id: dns_flag_response_code")
block = []
for line in lines[start:]:
    if block and line.startswith("    - id: "):
        break
    block.append(line)

print("dns_flag_response_code block:")
for idx, line in enumerate(block, start=start + 1):
    print(f"{idx}: {line}")

counts = {}
for line in block[1:]:
    stripped = line.strip()
    if not stripped or stripped.startswith("#") or ":" not in stripped:
        continue
    key = stripped.split(":", 1)[0]
    counts[key] = counts.get(key, 0) + 1

dups = {k: v for k, v in counts.items() if v > 1}
print("\nduplicate keys:", dups)
PY

Repository: netobserv/netobserv-web-console

Length of output: 761

---

Remove the duplicated placeholder key on line 1525.

Line 1523 and 1525 both define placeholder: 'E.g: NoError, NXDomain, NotAuth'. Strict YAML loaders reject duplicate keys; permissive ones silently keep only the last value. Remove line 1525.

Suggested fix

     - id: dns_flag_response_code
       name: DNS Response Code
       component: autocomplete
       placeholder: 'E.g: NoError, NXDomain, NotAuth'
       hint: Add DNS RCODE name filter.
-      placeholder: 'E.g: NoError, NXDomain, NotAuth'
       examples: |-

🧰 Tools

🪛 YAMLlint (1.38.0)

[error] 1525-1525: duplication of key "placeholder" in mapping

(key-duplicates)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@config/sample-config.yaml` around lines 1523 - 1526, The YAML fragment
contains a duplicated key "placeholder" (same value 'E.g: NoError, NXDomain,
NotAuth') which will break strict YAML parsers; remove the second occurrence
(the duplicate "placeholder" adjacent to the "hint" and "examples" keys) so only
one "placeholder" key remains in the block that includes the "hint" and
"examples" entries.

[jpinsonneau]

@jotak seems like coderabbit said something useful here 👆

[coderabbitai]

Seems like the humans are having a chat. I'll hop back into my burrow for now. If you need me again, just tag @coderabbitai in a new comment, and I'll come hopping out!

[jpinsonneau]

#1397

[memodi]

CI run failure was also useful :)

[openshift-ci]

@jotak: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/plugin-cypress	2fc9198	link	true	/test plugin-cypress

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[jpinsonneau]

LGTM, thanks @jotak