[issue_627] Fail fast when OpenShift admin token is not configured for Helm

[kanovotn]

Description

This PR addresses issue #627 by adding validation in HelmBinaryManager to fail fast when the OpenShift admin token is not configured for Helm operations. This provides clearer error feedback instead of allowing operations to proceed and fail later with less informative error messages.

Changes

• Added validation check in HelmBinaryManager.java to verify OpenShift admin token is configured before proceeding with Helm operations
• Modified file: core/src/main/java/cz/xtf/core/helm/HelmBinaryManager.java

Checklist

• Pull Request contains a description of the changes
• Pull Request does not include fixes for multiple issues/topics
• Code is formatted, imports ordered, code compiles and tests are passing
• Code is self-descriptive and/or documented

Summary by Sourcery

Bug Fixes:

• Add validation to prevent Helm admin and master operations from proceeding when the corresponding OpenShift tokens are not configured.

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Adds fail-fast validation in HelmBinaryManager to ensure OpenShift admin and master tokens are configured before constructing Helm binaries, throwing clear configuration errors when missing.

Sequence diagram for fail-fast Helm admin binary creation

sequenceDiagram
    participant Caller
    participant HelmBinaryManager
    participant OpenShiftConfig
    participant HelmBinary

    Caller->>HelmBinaryManager: adminBinary()
    HelmBinaryManager->>OpenShiftConfig: adminToken()
    OpenShiftConfig-->>HelmBinaryManager: adminToken
    HelmBinaryManager->>HelmBinaryManager: validateToken(adminToken, OPENSHIFT_ADMIN_TOKEN)
    alt token is null
        HelmBinaryManager-->>Caller: throw IllegalStateException
    else token is valid
        HelmBinaryManager->>HelmBinaryManager: getBinary(validAdminToken, namespace)
        HelmBinaryManager-->>Caller: HelmBinary
    end

Loading

Sequence diagram for fail-fast Helm master binary creation

sequenceDiagram
    participant Caller
    participant HelmBinaryManager
    participant OpenShiftConfig
    participant HelmBinary

    Caller->>HelmBinaryManager: masterBinary()
    HelmBinaryManager->>OpenShiftConfig: masterToken()
    OpenShiftConfig-->>HelmBinaryManager: masterToken
    HelmBinaryManager->>HelmBinaryManager: validateToken(masterToken, OPENSHIFT_MASTER_TOKEN)
    alt token is null
        HelmBinaryManager-->>Caller: throw IllegalStateException
    else token is valid
        HelmBinaryManager->>HelmBinaryManager: getBinary(validMasterToken, namespace)
        HelmBinaryManager-->>Caller: HelmBinary
    end

Loading

Updated class diagram for HelmBinaryManager fail-fast validation

classDiagram
    class HelmBinaryManager {
        +HelmBinary adminBinary()
        +HelmBinary masterBinary()
        -String validateToken(String token, String propertyName)
        -static HelmBinary getBinary(String token, String namespace)
        +String getHelmBinaryPath()
    }

    class OpenShiftConfig {
        +static String adminToken()
        +static String masterToken()
        +static String namespace()
        +static String OPENSHIFT_ADMIN_TOKEN
        +static String OPENSHIFT_MASTER_TOKEN
    }

    class HelmBinary {
    }

    HelmBinaryManager ..> OpenShiftConfig : uses
    HelmBinaryManager ..> HelmBinary : creates

Loading

File-Level Changes

Change	Details	Files
Add centralized token validation to fail fast when OpenShift admin or master tokens are not configured before Helm operations.	Wrap retrieval of the OpenShift admin token in a validateToken helper before passing it to getBinary Wrap retrieval of the OpenShift master token in a validateToken helper before passing it to getBinary Introduce a private validateToken utility that throws IllegalStateException with a clear message if the token is null and otherwise returns it	core/src/main/java/cz/xtf/core/helm/HelmBinaryManager.java

Possibly linked issues

• Helm: fail fast when Openshift admin token is not configured #627: PR adds token validation in HelmBinaryManager to fail fast with clear error, exactly matching the issue request.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• In both adminBinary() and masterBinary(), you retrieve the token into a local variable for validation but then call OpenShiftConfig.*Token() again when passing it to getBinary; consider reusing the validated local variable to avoid redundant calls and potential inconsistency.
• The token checks only guard against null; if an empty or whitespace-only string is also invalid in this context, consider tightening the validation (e.g., using a helper that checks for non-empty tokens) so failures are caught earlier.
• The admin and master token validation logic is nearly identical; consider extracting a small helper to reduce duplication and keep error handling consistent for future changes.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In both `adminBinary()` and `masterBinary()`, you retrieve the token into a local variable for validation but then call `OpenShiftConfig.*Token()` again when passing it to `getBinary`; consider reusing the validated local variable to avoid redundant calls and potential inconsistency.
- The token checks only guard against `null`; if an empty or whitespace-only string is also invalid in this context, consider tightening the validation (e.g., using a helper that checks for non-empty tokens) so failures are caught earlier.
- The admin and master token validation logic is nearly identical; consider extracting a small helper to reduce duplication and keep error handling consistent for future changes.

## Individual Comments

### Comment 1
<location> `core/src/main/java/cz/xtf/core/helm/HelmBinaryManager.java:25` </location>
<code_context>
     }

     public HelmBinary adminBinary() {
+        String adminToken = OpenShiftConfig.adminToken();
+        if (adminToken == null) {
+            throw new IllegalStateException(
+                    "Admin token is not configured. Please set '" + OpenShiftConfig.OPENSHIFT_ADMIN_TOKEN
+                            + "' in your properties file.");
+        }
         return getBinary(OpenShiftConfig.adminToken(), OpenShiftConfig.namespace());
     }

</code_context>

<issue_to_address>
**suggestion:** Use the already-fetched adminToken instead of calling OpenShiftConfig.adminToken() again.

`adminToken` is read into a local variable for the null check, but `getBinary` calls `OpenShiftConfig.adminToken()` again. This can create a small inconsistency window if the config changes, and the second call could still return `null`. Use the local `adminToken` for both the check and the `getBinary` call to keep the logic correct and consistent.

```suggestion
        return getBinary(adminToken, OpenShiftConfig.namespace());
```
</issue_to_address>

### Comment 2
<location> `core/src/main/java/cz/xtf/core/helm/HelmBinaryManager.java:35` </location>
<code_context>
     }

     public HelmBinary masterBinary() {
+        String masterToken = OpenShiftConfig.masterToken();
+        if (masterToken == null) {
+            throw new IllegalStateException(
+                    "Master token is not configured. Please set '" + OpenShiftConfig.OPENSHIFT_MASTER_TOKEN
+                            + "' in your properties file.");
+        }
         return getBinary(OpenShiftConfig.masterToken(), OpenShiftConfig.namespace());
     }

</code_context>

<issue_to_address>
**suggestion:** Reuse the masterToken variable instead of calling OpenShiftConfig.masterToken() twice.

Right now you null-check the local `masterToken` but then call `OpenShiftConfig.masterToken()` again when invoking `getBinary`. Pass the local `masterToken` instead so the checked value is the one actually used and you don’t risk divergence if the config changes between calls.

```suggestion
        return getBinary(masterToken, OpenShiftConfig.namespace());
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[kanovotn]

@sourcery-ai review

[sourcery-ai]

Hey there - I've reviewed your changes - here's some feedback:

• Consider treating empty or blank token values the same as null in validateToken, since an empty string will still pass the check but likely lead to confusing failures downstream.
• You may want to include the token type (e.g., admin/master) in the error message directly, rather than only the property name, to make it clearer which credential is missing when multiple tokens are configured.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Consider treating empty or blank token values the same as null in `validateToken`, since an empty string will still pass the check but likely lead to confusing failures downstream.
- You may want to include the token type (e.g., admin/master) in the error message directly, rather than only the property name, to make it clearer which credential is missing when multiple tokens are configured.

## Individual Comments

### Comment 1
<location> `core/src/main/java/cz/xtf/core/helm/HelmBinaryManager.java:32-38` </location>
<code_context>
+        return getBinary(masterToken, OpenShiftConfig.namespace());
+    }
+
+    private String validateToken(String token, String propertyName) {
+        if (token == null) {
+            throw new IllegalStateException(
+                    "Token is not configured. Please set '" + propertyName + "' in your properties file.");
+        }
+        return token;
     }

</code_context>

<issue_to_address>
**suggestion:** Consider treating empty/blank tokens as invalid as well, not just null.

`validateToken` only rejects `null`. If `OpenShiftConfig.*Token()` can return an empty or whitespace-only string (e.g. property defined but with no value), that would still pass and likely fail later in a less clear way. Consider checking `token == null || token.isBlank()` (or `isEmpty()` if preferred) so misconfigurations are caught early with your explicit exception.

```suggestion
    private String validateToken(String token, String propertyName) {
        if (token == null || token.isBlank()) {
            throw new IllegalStateException(
                    "Token is not configured. Please set '" + propertyName + "' in your properties file.");
        }
        return token;
    }
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}