From 6fdc9b0badab67263f21db11012d60d303fb5d5f Mon Sep 17 00:00:00 2001
From: Timofei Larkin <lllamnyp@gmail.com>
Date: Tue, 11 Nov 2025 22:54:08 +0300
Subject: [PATCH] [vpc,dashboard] Expose subnet details in dashboard

## What this PR does

To use the new VPC feature, users need to pass the subnet ID to the VMs
they wish to launch in a given VPC/subnet. As the dashboard cannot
compute the subnet ID in the same manner as the Helm template, a helper
configmap is created, containing the details of the subnets attached to
a given VPC. This configmap is queried by the dashboard frontend to
render those details to the user.

### Release note

```release-note
[vpc,dashboard] Expose subnet details to end-user in the dashboard.
```

Signed-off-by: Timofei Larkin <lllamnyp@gmail.com>
---
 internal/controller/dashboard/factory.go      | 21 +++++++++++++
 .../controller/dashboard/static_refactored.go |  7 +++++
 packages/apps/vpc/charts/cozy-lib             |  1 +
 packages/apps/vpc/templates/vpc.yaml          | 30 +++++++++++++++----
 4 files changed, 54 insertions(+), 5 deletions(-)
 create mode 120000 packages/apps/vpc/charts/cozy-lib

diff --git a/internal/controller/dashboard/factory.go b/internal/controller/dashboard/factory.go
index 4e18ff09..4f1c9b1f 100644
--- a/internal/controller/dashboard/factory.go
+++ b/internal/controller/dashboard/factory.go
@@ -150,6 +150,27 @@ func detailsTab(kind, endpoint, schemaJSON string, keysOrder [][]string) map[str
 		}),
 		paramsList,
 	}
+	if kind == "VirtualPrivateCloud" {
+		rightColStack = append(rightColStack,
+			antdFlexVertical("vpc-subnets-block", 4, []any{
+				antdText("vpc-subnets-label", true, "Subnets", nil),
+				map[string]any{
+					"type": "EnrichedTable",
+					"data": map[string]any{
+						"id":                   "vpc-subnets-table",
+						"baseprefix":           "/openapi-ui",
+						"clusterNamePartOfUrl": "{2}",
+						"customizationId":      "virtualprivatecloud-subnets",
+						"fetchUrl":             "/api/clusters/{2}/k8s/api/v1/namespaces/{3}/configmaps",
+						"fieldSelector": map[string]any{
+							"metadata.name": "virtualprivatecloud-{6}-subnets",
+						},
+						"pathToItems": []any{"items"},
+					},
+				},
+			}),
+		)
+	}
 
 	return map[string]any{
 		"key":   "details",
diff --git a/internal/controller/dashboard/static_refactored.go b/internal/controller/dashboard/static_refactored.go
index 266cb6d5..619d36f5 100644
--- a/internal/controller/dashboard/static_refactored.go
+++ b/internal/controller/dashboard/static_refactored.go
@@ -182,6 +182,13 @@ func CreateAllCustomColumnsOverrides() []*dashboardv1alpha1.CustomColumnsOverrid
 			createTimestampColumn("Created", ".metadata.creationTimestamp"),
 		}),
 
+		// Virtual private cloud subnets
+		createCustomColumnsOverride("virtualprivatecloud-subnets", []any{
+			createFlatMapColumn("Data", ".data"),
+			createStringColumn("Subnet Parameters", "_flatMapData_Key"),
+			createStringColumn("Values", "_flatMapData_Value"),
+		}),
+
 		// Factory ingress details rules
 		createCustomColumnsOverride("factory-kube-ingress-details-rules", []any{
 			createStringColumn("Host", ".host"),
diff --git a/packages/apps/vpc/charts/cozy-lib b/packages/apps/vpc/charts/cozy-lib
new file mode 120000
index 00000000..e1813509
--- /dev/null
+++ b/packages/apps/vpc/charts/cozy-lib
@@ -0,0 +1 @@
+../../../library/cozy-lib
\ No newline at end of file
diff --git a/packages/apps/vpc/templates/vpc.yaml b/packages/apps/vpc/templates/vpc.yaml
index e8834dc5..247d4821 100644
--- a/packages/apps/vpc/templates/vpc.yaml
+++ b/packages/apps/vpc/templates/vpc.yaml
@@ -60,13 +60,33 @@ kind: ConfigMap
 metadata:
   name: {{ $.Release.Name }}-subnets
   labels:
+    apps.cozystack.io/application.group: apps.cozystack.io
+    apps.cozystack.io/application.kind: VirtualPrivateCloud
+    apps.cozystack.io/application.name: {{ trimPrefix "virtualprivatecloud-" .Release.Name }}
     cozystack.io/vpcId: {{ $vpcId }}
     cozystack.io/tenantName: {{ $.Release.Namespace }}
 data:
   {{- range $subnetName, $subnetConfig := .Values.subnets }}
-  {{ $subnetName }}: |-
-    subnetName: {{ $subnetName }}
-    subnetId: {{ print "subnet-" (print $.Release.Namespace "/" $vpcId "/" $subnetName | sha256sum | trunc 8) }}
-    subnetCIDR: {{ $subnetConfig.cidr }}
+  {{ $subnetName }}.ID: {{ print "subnet-" (print $.Release.Namespace "/" $vpcId "/" $subnetName | sha256sum | trunc 8) }}
+  {{ $subnetName }}.CIDR: {{ $subnetConfig.cidr }}
   {{- end }}
-
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: "{{ .Release.Name }}-subnets"
+subjects: {{- include "cozy-lib.rbac.subjectsForTenant" (list "view" .Release.Namespace ) | nindent 2 }}
+roleRef:
+  kind: Role
+  name: "{{ .Release.Name }}-subnets"
+  apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+  name: "{{ .Release.Name }}-subnets"
+rules:
+- apiGroups: [""]
+  resources: ["configmaps"]
+  verbs: ["get","list","watch"]
+  resourceNames: ["{{ .Release.Name }}-subnets"]