Fix No-DPF warning message for zero-dpu deployments

[kensimon]

We recently started rendering a warning if none of the hosts have dpf_used_for_ingestion set, but this emits a false positive if the host has no DPU's at all. Fix that by not warning on zero-DPU hosts.

Type of Change

• Add - New feature or capability
• Change - Changes in existing functionality
• Fix - Bug fixes
• Remove - Removed features or deprecated functionality
• Internal - Internal changes (refactoring, tests, docs, etc.)

Breaking Changes

• This PR contains breaking changes

Testing

• Unit tests added/updated
• Integration tests added/updated
• Manual testing performed
• No testing required (docs, internal refactor, etc.)

Additional Notes

[coderabbitai]

Summary by CodeRabbit

• Bug Fixes
  • Improved accuracy of DPU/DPF warning indicators to properly display when DPUs are present but not utilized for ingestion.

Walkthrough

In crates/api-web/src/managed_host.rs, the has_dpf_warning flag computation within show_html is tightened to require both that a managed host has at least one DPU and that dpf_used_for_ingestion is false, replacing the prior logic that checked only dpf_used_for_ingestion.

Changes

DPF Warning Condition Refinement

Layer / File(s)	Summary
has_dpf_warning predicate update crates/api-web/src/managed_host.rs	The warning flag now evaluates a conjunction: DPUs must be present on the host and dpf_used_for_ingestion must be false. Previously the check depended solely on the ingestion flag, which could produce false positives for hosts without DPUs.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• NVIDIA/infra-controller#2590: Introduced the initial has_dpf_warning computation based on dpf_used_for_ingestion in the same show_html function that this PR directly refines.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title precisely captures the main change: fixing a false-positive warning for zero-DPU deployments by refining the DPF warning logic.
Description check	✅ Passed	The description is directly related to the changeset, explaining the bug context, the fix rationale, and testing approach without irrelevant content.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

crates/api-web/src/managed_host.rs (1)

618-620: ⚡ Quick win

Add a regression test matrix for the DPF warning predicate.

This fix is correct, but it should be locked with a table-driven test covering at least: (dpus=0, used_for_ingestion=false) -> no warning, (dpus>0, used_for_ingestion=false) -> warning, (dpus>0, used_for_ingestion=true) -> no warning.

As per coding guidelines, “Prefer table-driven tests for any function that maps inputs to outputs, errors, or other observable results.”

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@crates/api-web/src/managed_host.rs` around lines 618 - 620, The DPF warning
predicate logic in the has_dpf_warning variable assignment needs to be covered
by a table-driven regression test. Create a test function that uses a table
(slice of structs or tuples) to verify the warning condition logic with at least
three test cases: one where dpus is empty and dpf_used_for_ingestion is false
(should not warn), one where dpus is not empty and dpf_used_for_ingestion is
false (should warn), and one where dpus is not empty and dpf_used_for_ingestion
is true (should not warn). Each test case should validate the boolean result of
the predicate !h.dpus.is_empty() && !h.dpf_used_for_ingestion against the
expected warning outcome.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@crates/api-web/src/managed_host.rs`:
- Around line 618-620: The DPF warning predicate logic in the has_dpf_warning
variable assignment needs to be covered by a table-driven regression test.
Create a test function that uses a table (slice of structs or tuples) to verify
the warning condition logic with at least three test cases: one where dpus is
empty and dpf_used_for_ingestion is false (should not warn), one where dpus is
not empty and dpf_used_for_ingestion is false (should warn), and one where dpus
is not empty and dpf_used_for_ingestion is true (should not warn). Each test
case should validate the boolean result of the predicate !h.dpus.is_empty() &&
!h.dpf_used_for_ingestion against the expected warning outcome.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 3a22b01b-dfab-4bf7-afee-f13b1e5fd15f

📥 Commits

Reviewing files that changed from the base of the PR and between 7eb1969 and 28cb06f.

📒 Files selected for processing (1)

• crates/api-web/src/managed_host.rs

[github-actions]

🔍 Container Scan Summary

Service	Total	Critical	High	Medium	Low	Other
boot-artifacts-aarch64	3	0	0	3	0	0
boot-artifacts-x86_64	3	0	0	3	0	0
forge-admin-cli-x86_64	244	4	22	103	6	109
machine-validation-runner	671	23	178	262	37	171
machine_validation	671	23	178	262	37	171
nvmetal-carbide	671	23	178	262	37	171
TOTAL	2263	73	556	895	117	622

Per-CVE detail lives in the per-service grype-* artifacts (JSON + SARIF). Severity counts only — no CVE IDs published here.