feat(commands): wrapper UX hardening — persistent flags, -n drop, crashdump, kubeconfig hint, dmesg cushion, TUI refusal

[Aleksei Sviridkin (lexfrei)]

Summary

Baseline repository scaffolding — a single PR covering the GitHub artefacts, contributor docs, lint configs, CI smoke tests, and Renovate that the repo was missing. After merge the new label scheme will be applied to the existing PR and issue.

What's added

.github/ artefacts

• labels.yml — 38 labels in K8s-style namespaces (kind/, area/, priority/, triage/, lifecycle/, do-not-merge/, size/). Aliases retire the four GitHub defaults currently in use (bug → kind/bug, enhancement → kind/feature, documentation → kind/documentation, question → triage/needs-information) without losing references.
• workflows/labels.yaml — validate + sync via EndBug/label-sync@v2, weekly cron.
• workflows/ci.yml — helm template smoke tests, yamllint, markdownlint.
• pull_request_template.md — Helm/Make-specific (no Go-only items).
• ISSUE_TEMPLATE/{bug_report,feature_request,config} — pre-labelled, blank issues disabled.
• CODEOWNERS — flat global ownership.
• renovate.json5 — image:tag@digest in first-party values.yaml plus GH Actions, weekly.

Top-level

• CONTRIBUTING.md — branch flow, Conventional Commits, signoff, GPG, vendored-chart rule.
• SECURITY.md — private vulnerability reporting via GitHub Advisories.
• .gitattributes — vendored chart trees marked linguist-vendored, _out/ linguist-generated.
• .editorconfig — 2-space, LF, UTF-8; tabs for Makefile/.mk; preserve trailing in .md.
• .yamllint.yaml, .markdownlint-cli2.jsonc — lint configs matching the CI workflow.
• README CI badge.

Notes

• The packages/core/platform chart is intentionally excluded from the helm-template CI step. Its repository.yaml uses lookup + fail and cannot render offline; re-enable once that template is made dry-run-safe.
• helm lint is not run in CI. packages/system/billing and packages/system/tenant-locking-controller do not declare their subchart dependencies in Chart.yaml, which helm lint flags as an error. Out of scope here — fix in a follow-up.

Verification

Local checks (all green):

• 4 of 5 charts render: installer, billing, tenant-locking-controller, vlan-router.
• yamllint clean across .github/ and packages/.
• markdownlint clean on top-level *.md.
• renovate-config-validator .github/renovate.json5 valid.
• labels.yml parses; 38 labels with 4 aliases.

After merge

1. gh workflow run labels.yaml to apply the new label set (also runs automatically on the merge push).
2. Run /categorize on PR Node worker template has floatingIP vip section #7 (the open stability PR) and issue talm.discovered.default_link_selector_by_gateway might generate duplicated keys for selector #6 (system bundle placeholder) to exercise the new scheme.

Summary by CodeRabbit

Release Notes

• Bug Fixes

  • Improved error messages for dmesg --tail flag to clarify boolean behavior.
  • Enhanced kubeconfig command error messages with guidance on flag usage.

• Refactor

  • Removed -n shorthand from --nodes flag; use --nodes (long form) instead.
  • Interactive commands (dashboard, edit) now require terminal input attachment.
  • Updated rotate-ca documentation to reflect flag changes.

[coderabbitai]

Warning

Rate limit exceeded

@lexfrei has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 50 minutes and 2 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b7c33ff7-f89d-4453-b102-6fa2590f6d0e

📥 Commits

Reviewing files that changed from the base of the PR and between c2f3017 and 4ecd2df.

📒 Files selected for processing (1)

• pkg/commands/talosctl_wrapper.go

📝 Walkthrough

Walkthrough

The PR refactors CLI flag contracts and wrapper infrastructure by removing the -n shorthand from the root --nodes flag, implementing persistent flag propagation for wrapped talosctl commands, and adding specialized command wrappers for node population, error handling, and TTY enforcement.

Changes

CLI Flag Contracts and Wrapper Infrastructure

Layer / File(s)	Summary
Root --nodes flag contract: remove -n shorthand main.go, main_test.go, README.md	New registerRootFlags() helper extracts root persistent flag registration; --nodes is re-registered without the -n shorthand. A dedicated test validates the removal and documentation examples are updated to use the long-form flag.
Persistent flag propagation mechanism pkg/commands/talosctl_wrapper.go, pkg/commands/talosctl_wrapper_test.go	New propagatePersistentFlags() helper copies upstream persistent flags into wrapped commands, skipping root-shadowed names and renaming conflicting -f shorthand to -F. Integration into wrapTalosCommand ensures wrapped subcommands inherit parent persistent flags. Comprehensive tests validate propagation rules and real upstream command inheritance.
Per-class node flag population for crashdump and rotate-ca pkg/commands/crashdump_handler.go, pkg/commands/rotate_ca_handler.go, pkg/commands/talosctl_wrapper_test.go	wrapCrashdumpCommand and populateNodesFromPerClassFlags pre-populate GlobalArgs.Nodes from upstream per-class node flags in stable order only when the global list is empty. Updates to rotate-ca's help text, PreRunE, and validation hints integrate the same mechanism. Tests validate population behavior and non-overwriting of existing nodes.
Error message enhancement for dmesg and kubeconfig pkg/commands/dmesg_handler.go, pkg/commands/kubeconfig_handler.go, pkg/commands/talosctl_wrapper_test.go	wrapDmesgCommand intercepts and rewrites --tail flag parsing errors with operator-friendly hints explaining boolean toggle semantics. Kubeconfig wrapper improves positional-argument validation errors with expanded hints describing default project-root behavior and --login usage. Tests validate error message contracts and hint content.
TUI TTY enforcement and complete wrapper dispatch pkg/commands/tui_handler.go, pkg/commands/talosctl_wrapper.go, pkg/commands/talosctl_wrapper_test.go	New wrapTUICommand enforces terminal availability for interactive dashboard and edit commands using test-injectable stdinIsTTY helper. Complete wrapper dispatch integrates crashdump, dmesg, rotate-ca, and TUI wrappers into wrapTalosCommand routing using hoisted subcommand name constants. Tests validate TTY gate behavior and full wrapper chains.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related issues

• talm kubeconfig: misleading hint about --login when a positional path is rejected #193 — Kubeconfig positional-argument validation error improvement with expanded hint addresses misleading --login guidance.
• talosctl wrapper drops inherited persistent flags from parent commands #194 — New propagatePersistentFlags helper and integration into wrapTalosCommand directly addresses loss of inherited persistent flags for wrapped subcommands.

Poem

🐰 A shorthand retires, -n takes its bow,
Persistent flags inherit, the wrappers know how,
Nodes populate wisely from per-class decree,
Error hints guide operators—clearer to see! 🌟

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: wrapper UX hardening with specific improvements to persistent flags, removal of -n shorthand, crashdump handling, kubeconfig error hints, dmesg error cushioning, and TUI refusal on non-TTY stdin.
Docstring Coverage	✅ Passed	Docstring coverage is 89.66% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/wrapper-ux-hardening

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Code Review

This pull request refactors flag registration and command wrapping to improve the operator experience and prevent flag shadowing. Key updates include removing the -n shorthand from the global --nodes flag, implementing node pre-population for crashdump and rotate-ca, and adding TTY checks for interactive commands. The PR also improves error messaging for dmesg and kubeconfig. Review feedback points out a potential bug where flags might be registered twice in the wrapper logic and suggests a more complete flag cloning implementation to preserve metadata like ShorthandDeprecated and synchronization of the Changed status.

[gemini-code-assist]

This function introduces duplicate flag registration. The existing loop in wrapTalosCommand (lines 154-179) already visits all flags of the upstream command via cmd.Flags().VisitAll and adds them to wrappedCmd.Flags(). Since cmd.Flags() includes persistent flags, calling propagatePersistentFlags afterwards results in the same flags being registered twice: once in the local flag set and once in the persistent flag set of wrappedCmd. This will cause issues (and potentially panics) during flag parsing when Cobra attempts to merge these sets.

Additionally, cmd.Flags().VisitAll in the first loop includes flags inherited from talosctl's root command, which should not be copied as local flags to every subcommand. The flag copying logic should be unified to use cmd.LocalFlags() (or cmd.NonInheritedFlags()) and correctly distribute flags between the local and persistent sets in a single pass.

[Aleksei Sviridkin (lexfrei)]

Verified the duplicate-registration claim against the actual code and the cobra runtime: it doesn't hold.

cmd.Flags() returns the command's LOCAL flag set only. Persistent flags live in a separate pflag.FlagSet accessed via cmd.PersistentFlags() and are merged into the effective set at parse time by cobra.Command.mergePersistentFlags() (cobra@v1.10.2/command.go:1896-1922). Before that merge runs — and wrapTalosCommand is called at wrap time, before any parse — the two sets are disjoint. So cmd.Flags().VisitAll enumerates exactly the local flags, and cmd.PersistentFlags().VisitAll in propagatePersistentFlags enumerates exactly the persistent flags. No flag is visited twice.

The same reasoning applies to the "inherited from talosctl's root" concern: taloscommands.Commands is a slice of standalone top-level commands, not children of an upstream root. Calling cmd.Flags() on them doesn't reach a root parent because they don't have one in talm's wrapper context. The persistent-flag pass walks cmd.PersistentFlags() and the talm-root-shadowed names (--nodes, --endpoints, etc. that upstream's addCommand registers on every top-level command) are filtered via rootShadowedPersistentFlags to prevent the sync-direction collision.

Three regression tests cover this: TestWrapTalosCommand_InheritsParentPersistentFlags (synthetic), TestWrapTalosCommand_RealImageListPropagatesNamespace (real upstream image tree — imageCmd.PersistentFlags() reaches image list), TestWrapTalosCommand_RealMetaWritePropagatesInsecure (real upstream meta with -i / --insecure persistent shorthand). All green; cobra parses the wrapped child without "flag redefined" panics.

[gemini-code-assist]

When cloning a flag to rename its shorthand, several fields are missing from the manual copy, such as ShorthandDeprecated. More importantly, the Changed status of the flag is not synchronized. If the upstream command's logic relies on cmd.Flags().Changed("file"), it will incorrectly see it as false even if the user provided the renamed -F shorthand, because only the newFlag object's Changed status is updated by the parser.

Consider using a helper function for cloning and implementing a mechanism in PreRunE to sync the Changed status from the wrapped command's flags back to the original command's flags.

Suggested change

	renamed := &pflag.Flag{
	Name: flag.Name,
	Usage: flag.Usage,
	Value: flag.Value,
	DefValue: flag.DefValue,
	Changed: flag.Changed,
	NoOptDefVal: flag.NoOptDefVal,
	Deprecated: flag.Deprecated,
	Hidden: flag.Hidden,
	Shorthand: "F",
	Annotations: flag.Annotations,
	}
	renamed := &pflag.Flag{
	Name: flag.Name,
	Usage: flag.Usage,
	Value: flag.Value,
	DefValue: flag.DefValue,
	Changed: flag.Changed,
	NoOptDefVal: flag.NoOptDefVal,
	Deprecated: flag.Deprecated,
	Hidden: flag.Hidden,
	Shorthand: "F",
	ShorthandDeprecated: flag.ShorthandDeprecated,
	Annotations: flag.Annotations,
	}

[Aleksei Sviridkin (lexfrei)]

Addressed in 4ecd2df — added ShorthandDeprecated to the flag-clone path (and the persistent-flag clone in propagatePersistentFlags). Extracted the clone into a renameFlagShorthand helper so both call sites stay in sync as pflag grows new metadata fields.

On the second part (sync Changed from the wrapped flag back to the original via PreRunE): not applied. The wrapped command's RunE is assigned from upstream's cmd.RunE, and cobra passes the WRAPPED command instance to RunE(cmd, args) at runtime. Upstream's RunE consults cmd.Flags().Changed("file") against that same wrapped instance, where the renamed -F flag's Changed status IS correctly set by the parser. The original *pflag.Flag pointer is never queried after wrap because the original *cobra.Command is never executed — only the wrapped one is. Writing back to the original would be dead work.