Enhance vLLM deployment script

[seokho-son]

• Enhance vLLM deployment script
• with minor error handling in getting list

[seokho-son]

/approve

[Copilot]

Pull request overview

This pull request enhances the vLLM deployment script and makes changes to several Go files related to parameter validation. The primary focus is on the vLLM deployment script improvements, but the PR also comments out input validation checks in multiple Go functions.

• Enhanced vLLM deployment shell script with better error handling, disk space warnings, and improved input validation
• Commented out common.CheckString() validation in multiple Go functions handling MCI (Multi-Cloud Infrastructure) operations
• Fixed a variable scoping bug in ListVmId function

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 9 comments.

File	Description
scripts/usecases/llm/deployvLLM.sh	Enhanced deployment script with bash enforcement, strict mode (set -e), disk space checks, improved error handling for pip installs, better input validation using case statements, and updated shellcheck directives
src/core/infra/utility.go	Commented out common.CheckString() validation in CheckMciPolicy function while retaining basic emptiness checks
src/core/infra/manageInfo.go	Commented out common.CheckString() validation in ListVmId and GetMciStatus functions; fixed variable declaration bug on line 100; modified error formatting in GetMciStatus
src/core/infra/control.go	Commented out common.CheckString() validation in HandleMciAction function

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Using set +e to temporarily disable error checking around pip install commands is not the best practice when set -e is enabled at the script level. This creates inconsistent error handling behavior and makes the script harder to reason about. A better approach would be to use explicit error checking with if ! pip install ...; then constructs, which provides clearer intent and maintains consistent error handling throughout the script.

[Copilot]

Removing the common.CheckString() validation is a security concern. This function validates that strings follow the pattern [a-z]([-a-z0-9]*[a-z0-9])? to prevent potential injection attacks or malformed keys. Commenting out this comprehensive validation removes important input sanitization. The function still has basic checks earlier in the code, but this validation layer provides additional security by ensuring parameters conform to expected formats. If this validation is causing issues, consider fixing the root cause rather than removing the security check.

[Copilot]

Removing the common.CheckString() validation is a security concern. This function validates that strings follow the pattern [a-z]([-a-z0-9]*[a-z0-9])? to prevent potential injection attacks or malformed keys. Commenting out this comprehensive validation removes important input sanitization. If this validation is causing issues, consider fixing the root cause rather than removing the security check.

Suggested change

	// err := common.CheckString(nsId)
	// if err != nil {
	// log.Error().Err(err).Msg("")
	// return "", err
	// }
	// err = common.CheckString(mciId)
	// if err != nil {
	// log.Error().Err(err).Msg("")
	// return "", err
	// }
	err := common.CheckString(nsId)
	if err != nil {
	log.Error().Err(err).Msg("")
	return "", err
	}
	err = common.CheckString(mciId)
	if err != nil {
	log.Error().Err(err).Msg("")
	return "", err
	}

[Copilot]

The disk space check may fail on systems where the root filesystem mount point is not exactly "/" (e.g., some systems might show it differently). The awk pattern $NF=="/" matches when the last field is "/", but this could be fragile. Consider using a more robust approach like checking the specific line or using df -BG . | tail -1 to get the current directory's filesystem.

Suggested change

	DISK_AVAIL=$(df -BG / | awk 'NR==2 {gsub("G","",$4); print $4}')
	df -h / | awk '$NF=="/" {print "Disk - Total: "$2, "Available: "$4}'
	DISK_AVAIL=$(df -BG . | tail -1 | awk '{gsub("G","",$4); print $4}')
	df -h . | tail -1 | awk '{print "Disk - Total: "$2, "Available: "$4}'

[Copilot]

Removing the common.CheckString() validation is a security concern. This function validates that strings follow the pattern [a-z]([-a-z0-9]*[a-z0-9])? to prevent potential injection attacks or malformed keys. While there are empty string checks at lines 179-185, commenting out the more comprehensive validation removes important input sanitization that protects against invalid characters and formats. If this validation is causing issues, consider fixing the root cause rather than removing the security check.

Suggested change

	// err := common.CheckString(nsId)
	// if err != nil {
	// log.Error().Err(err).Msg("")
	// return false, err
	// }
	// err = common.CheckString(mciId)
	// if err != nil {
	// log.Error().Err(err).Msg("")
	// return false, err
	// }
	err := common.CheckString(nsId)
	if err != nil {
	log.Error().Err(err).Msg("")
	return false, err
	}
	err = common.CheckString(mciId)
	if err != nil {
	log.Error().Err(err).Msg("")
	return false, err
	}

[Copilot]

Removing the common.CheckString() validation is a security concern. This function validates that strings follow the pattern [a-z]([-a-z0-9]*[a-z0-9])? to prevent potential injection attacks or malformed keys. Commenting out this comprehensive validation removes important input sanitization. If this validation is causing issues, consider fixing the root cause rather than removing the security check.

[Copilot]

This code handles a timeout when no user input is provided within 10 seconds (using read -r -t 10), but the fallback value assignment CONTINUE="n" happens through the || operator only when the read command fails (which includes timeout). However, if the user provides empty input by pressing Enter without typing anything, the variable will be empty but the read command succeeds. The subsequent regex check [[ ! "$CONTINUE" =~ ^[Yy]$ ]] will treat empty input as "no", which is the safe default. While this works correctly, the logic could be clearer by explicitly setting a default value before the read command.

Suggested change

	read -r -t 10 -p "Continue anyway? [y/N]: " CONTINUE || CONTINUE="n"
	CONTINUE="n"
	read -r -t 10 -p "Continue anyway? [y/N]: " CONTINUE || true

[Copilot]

The change from fmt.Errorf("Not found [" + key + "]") to fmt.Errorf("%s", "Not found ["+key+"]") is unnecessary. The original code is more idiomatic and readable. The added format string "%s" doesn't provide any benefit here since simple string concatenation is sufficient for fmt.Errorf. This change increases code complexity without adding value.

Suggested change

	err := fmt.Errorf("%s", "Not found ["+key+"]")
	err := fmt.Errorf("Not found [" + key + "]")

[Copilot]

The HOST validation regex pattern ^[0-9a-zA-Z.:_-]+$ allows IPv6 addresses with colons, which is good, but it doesn't properly validate that the address is actually valid. For example, it would accept strings like "::::" or "a:b:c:d:e:f:g:h:i:j" which aren't valid IPv6 addresses. While this is a basic validation and vLLM will ultimately reject invalid addresses, the error message "HOST contains invalid characters" might be misleading for malformed (but character-valid) addresses. Consider either improving the validation or adjusting the error message to clarify that the validation only checks for allowed characters.

Suggested change

	# Allow 0.0.0.0, localhost, valid IPs, and hostnames
	if [[ ! "$HOST" =~ ^[0-9a-zA-Z.:_-]+$ ]]; then
	echo "Error: HOST contains invalid characters. Got: $HOST"
	# Allow 0.0.0.0, localhost, valid IPs, and hostnames (character-level check only)
	if [[ ! "$HOST" =~ ^[0-9a-zA-Z.:_-]+$ ]]; then
	echo "Error: HOST contains characters outside [0-9a-zA-Z.:_-]. Got: $HOST"