carverauto/serviceradar

Fork 0

adding dev script #3009

Merged

mfreeman451 merged 1 commit from refs/pull/3009/head into staging

2026-03-03 04:08:55 +00:00

mfreeman451 commented

2026-03-03 04:08:48 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #2983
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/2983
Original created: 2026-03-03T04:08:48Z
Original updated: 2026-03-03T04:12:25Z
Original head: carverauto/serviceradar:chore/local-dev-setup
Original base: staging
Original merged: 2026-03-03T04:08:55Z by @mfreeman451

IMPORTANT: Please sign the Developer Certificate of Origin

Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include
a DCO sign-off statement indicating the DCO acceptance in one commit message. Here
is an example DCO Signed-off-by line in a commit message:

Signed-off-by: J. Doe <j.doe@domain.com>

Describe your changes

Issue ticket number and link

Code checklist before requesting a review

I have signed the DCO?
The build completes without errors?
All tests are passing when running make test?

Imported from GitHub pull request. Original GitHub pull request: #2983 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/2983 Original created: 2026-03-03T04:08:48Z Original updated: 2026-03-03T04:12:25Z Original head: carverauto/serviceradar:chore/local-dev-setup Original base: staging Original merged: 2026-03-03T04:08:55Z by @mfreeman451 --- ## IMPORTANT: Please sign the Developer Certificate of Origin Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include a [DCO sign-off statement]( https://developercertificate.org/) indicating the DCO acceptance in one commit message. Here is an example DCO Signed-off-by line in a commit message: ``` Signed-off-by: J. Doe <j.doe@domain.com> ``` ## Describe your changes ## Issue ticket number and link ## Code checklist before requesting a review - [ ] I have signed the DCO? - [ ] The build completes without errors? - [ ] All tests are passing when running make test?

qodo-code-review[bot] commented

2026-03-03 04:09:00 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2983#issuecomment-3988526092
Original created: 2026-03-03T04:09:00Z

Review Summary by Qodo

Add Kubernetes-based local development setup script

✨ Enhancement 📝 Documentation

Walkthroughs

Description

• Add Kubernetes-based local development script for web-ng
• Extract and configure CNPG database credentials from K8s secrets
• Set up port-forwarding and TLS connectivity to remote database
• Configure Guardian token signing secret in dev environment
• Comment out local SDK path replacement in Go module

Diagram

flowchart LR
  A["Local Dev Environment"] -->|"kubectl port-forward"| B["K8s CNPG Service"]
  B -->|"Extract secrets"| C["CA Cert & DB Credentials"]
  C -->|"Configure env vars"| D["Phoenix Server"]
  D -->|"TLS Connection"| B
  E["Guardian Config"] -->|"Token Secret"| D

File Changes

1. elixir/web-ng/dev-k8s.sh ✨ Enhancement +183/-0

Kubernetes-based local development script

• New comprehensive bash script for local development against K8s CNPG cluster
• Extracts CA certificate and database credentials from K8s secrets
• Establishes port-forward tunnel to cnpg-rw service on configurable port
• Validates prerequisites (kubectl, mix, namespace access) and database connectivity
• Configures environment variables for TLS-enabled PostgreSQL connection
• Launches Phoenix server with proper CNPG configuration and cleanup on exit

elixir/web-ng/dev-k8s.sh

2. elixir/web-ng/config/dev.exs ⚙️ Configuration changes +3/-0

Add Guardian token signing configuration
• Add Guardian authentication configuration with token signing secret
• Ensures consistent secret key between token signing and Guardian module
elixir/web-ng/config/dev.exs

3. go/cmd/wasm-plugins/dusk-checker/go.mod ⚙️ Configuration changes +1/-1

Disable local SDK path replacement
• Comment out local SDK path replacement for development
• Allows use of published SDK version instead of local path
go/cmd/wasm-plugins/dusk-checker/go.mod

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2983#issuecomment-3988526092 Original created: 2026-03-03T04:09:00Z --- <h3>Review Summary by Qodo</h3> Add Kubernetes-based local development setup script <code>✨ Enhancement</code> <code>📝 Documentation</code> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <h3>Walkthroughs</h3> <details open> <summary>Description</summary> <pre> • Add Kubernetes-based local development script for web-ng • Extract and configure CNPG database credentials from K8s secrets • Set up port-forwarding and TLS connectivity to remote database • Configure Guardian token signing secret in dev environment • Comment out local SDK path replacement in Go module </pre> </details> <details> <summary>Diagram</summary> > ```mermaid flowchart LR A["Local Dev Environment"] -->|"kubectl port-forward"| B["K8s CNPG Service"] B -->|"Extract secrets"| C["CA Cert & DB Credentials"] C -->|"Configure env vars"| D["Phoenix Server"] D -->|"TLS Connection"| B E["Guardian Config"] -->|"Token Secret"| D ``` </details> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <h3>File Changes</h3> <details> <summary>1. elixir/web-ng/dev-k8s.sh <code>✨ Enhancement</code> <code> +183/-0 </code> </summary> >Kubernetes-based local development script ><pre> >• New comprehensive bash script for local development against K8s CNPG cluster >• Extracts CA certificate and database credentials from K8s secrets >• Establishes port-forward tunnel to cnpg-rw service on configurable port >• Validates prerequisites (kubectl, mix, namespace access) and database connectivity >• Configures environment variables for TLS-enabled PostgreSQL connection >• Launches Phoenix server with proper CNPG configuration and cleanup on exit ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/2983/files#diff-4fa37286d491efdacbd20c22a11d46b0077951e06e85ac646d9a98a919235a53'> elixir/web-ng/dev-k8s.sh </a> <hr/> </details> <details> <summary>2. elixir/web-ng/config/dev.exs <code>⚙️ Configuration changes</code> <code> +3/-0 </code> </summary> >Add Guardian token signing configuration ><pre> >• Add Guardian authentication configuration with token signing secret >• Ensures consistent secret key between token signing and Guardian module ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/2983/files#diff-d8f390e92e3d56735e699f49ed3caed9c0e6c936e57b751b0a8729098e95f9e6'> elixir/web-ng/config/dev.exs </a> <hr/> </details> <details> <summary>3. go/cmd/wasm-plugins/dusk-checker/go.mod <code>⚙️ Configuration changes</code> <code> +1/-1 </code> </summary> >Disable local SDK path replacement ><pre> >• Comment out local SDK path replacement for development >• Allows use of published SDK version instead of local path ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/2983/files#diff-c98804fa370f5034d414360c908191aa930fedf0e61c267f3be8df29ac3b6927'> go/cmd/wasm-plugins/dusk-checker/go.mod </a> <hr/> </details> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <a href="https://www.qodo.ai"><img src="https://www.qodo.ai/wp-content/uploads/2025/03/qodo-logo.svg" width="80" alt="Qodo Logo"></a>

qodo-code-review[bot] commented

2026-03-03 04:09:01 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2983#issuecomment-3988526209
Original created: 2026-03-03T04:09:01Z

Code Review by Qodo

🐞 Bugs (3) 📘 Rule violations (0) 📎 Requirement gaps (0)

1. kubectl context parsing bug 🐞 Bug ✓ Correctness

Description

dev-k8s.sh builds a kubectl command as a single string and executes it via unquoted expansion, which
breaks when the kube context contains spaces (common in some environments). This can prevent the
script from working at all and yields confusing kubectl errors.

Code

elixir/web-ng/dev-k8s.sh[R37-41]

+# Build kubectl command with optional context
+KUBECTL="kubectl"
+if [ -n "$KUBE_CONTEXT" ]; then
+    KUBECTL="kubectl --context $KUBE_CONTEXT"
+fi

Evidence

The script stores kubectl --context $KUBE_CONTEXT in a string variable and later executes
$KUBECTL ...; with a context like my context, word-splitting turns it into two arguments (my
and context), breaking every kubectl invocation in the script.

elixir/web-ng/dev-k8s.sh[37-41]
elixir/web-ng/dev-k8s.sh[73-78]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`dev-k8s.sh` constructs `KUBECTL` as a string and executes it via `$KUBECTL ...`, which breaks when `KUBE_CONTEXT` contains spaces (word splitting). Fix by using a bash array for kubectl arguments.

### Issue Context
This script is intended for local developer onboarding; it should be robust across typical kubectl context naming conventions.

### Fix Focus Areas
- elixir/web-ng/dev-k8s.sh[37-41]
- elixir/web-ng/dev-k8s.sh[73-78]

### Suggested approach (implementation hint)
- Use:
 - `KUBECTL=(kubectl)`
 - `if [[ -n &quot;$KUBE_CONTEXT&quot; ]]; then KUBECTL+=(--context &quot;$KUBE_CONTEXT&quot;); fi`
 - Call as: `&quot;${KUBECTL[@]}&quot; get ns ...`

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

2. Missing tool prerequisites 🐞 Bug ⛯ Reliability

Description

dev-k8s.sh uses several external tools (base64, nc, timeout, openssl, grep) but only checks for
kubectl and mix. On systems missing one of these utilities, the script will fail mid-run with
non-obvious errors.

Code

elixir/web-ng/dev-k8s.sh[R60-71]

+# --- Prerequisites ---
+echo -e "${CYAN}Checking prerequisites...${NC}"
+
+if ! command -v kubectl &>/dev/null; then
+    echo -e "${RED}Error: kubectl not found${NC}"
+    exit 1
+fi
+
+if ! command -v mix &>/dev/null; then
+    echo -e "${RED}Error: mix not found (install Elixir)${NC}"
+    exit 1
+fi

Evidence
The prerequisite section validates only kubectl and mix, while later steps rely on base64
decoding, netcat port checks, and a timeout+openssl TLS probe; these are not guaranteed to exist on
all developer systems.
elixir/web-ng/dev-k8s.sh[60-71]
elixir/web-ng/dev-k8s.sh[86-101]
elixir/web-ng/dev-k8s.sh[117-135]
elixir/web-ng/dev-k8s.sh[161-167]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`dev-k8s.sh` only checks for `kubectl` and `mix`, but later requires `base64`, `nc`, `timeout`, `openssl`, and `grep`. Missing any of these causes late, confusing failures.

### Issue Context
This is a developer onboarding script; up-front validation saves time and improves reliability across Linux/macOS environments.

### Fix Focus Areas
- elixir/web-ng/dev-k8s.sh[60-71]
- elixir/web-ng/dev-k8s.sh[86-101]
- elixir/web-ng/dev-k8s.sh[117-135]
- elixir/web-ng/dev-k8s.sh[161-167]

### Suggested approach (implementation hint)
- Add `command -v nc`, `command -v base64`, `command -v openssl`, `command -v grep`, and a `timeout` check (or fallback message: install coreutils / use gtimeout).
- Consider `set -euo pipefail` and set `PF_PID=&quot;&quot;` near the top to keep cleanup safe.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

3. JWT secret literal drift 🐞 Bug ⛯ Reliability

Description

dev.exs duplicates the same JWT secret as two separate string literals (token_signing_secret and
Guardian secret_key). This works now but increases the chance of configuration drift, contrary to
runtime.exs which intentionally derives Guardian’s secret from token_signing_secret.

Code

elixir/web-ng/config/dev.exs[R104-105]

+config :serviceradar_web_ng, ServiceRadarWebNG.Auth.Guardian,
+  secret_key: "dev_token_signing_secret_at_least_32_chars_long!"

Evidence

runtime.exs establishes the pattern that Guardian’s secret_key should be sourced from
:token_signing_secret for consistency. dev.exs now sets the same value twice independently, making
future edits error-prone.

elixir/web-ng/config/dev.exs[99-106]
elixir/web-ng/config/runtime.exs[681-690]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`config/dev.exs` sets the same JWT signing secret twice as separate literals, increasing the risk that a future change updates one but not the other.

### Issue Context
`runtime.exs` explicitly keeps Guardian’s secret_key consistent with `:token_signing_secret`; dev should follow the same single-source-of-truth pattern.

### Fix Focus Areas
- elixir/web-ng/config/dev.exs[99-106]

### Suggested approach (implementation hint)
- Introduce `token_signing_secret = &quot;...&quot;` and then:
 - `config :serviceradar_web_ng, :token_signing_secret, token_signing_secret`
 - `config :serviceradar_web_ng, ServiceRadarWebNG.Auth.Guardian, secret_key: token_signing_secret`

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

ⓘ The new review experience is currently in Beta. Learn more

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2983#issuecomment-3988526209 Original created: 2026-03-03T04:09:01Z --- <h3>Code Review by Qodo</h3> <code>🐞 Bugs (3)</code> <code>📘 Rule violations (0)</code> <code>📎 Requirement gaps (0)</code> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <img src="https://www.qodo.ai/wp-content/uploads/2026/01/action-required.png" height="20" alt="Action required"> <details> <summary> 1. kubectl context parsing bug <code>🐞 Bug</code> <code>✓ Correctness</code></summary> > <details open> ><summary>Description</summary> > > ><pre> >dev-k8s.sh builds a kubectl command as a single string and executes it via unquoted expansion, which >breaks when the kube context contains spaces (common in some environments). This can prevent the >script from working at all and yields confusing kubectl errors. ></pre> ></details> > <details open> ><summary>Code</summary> > > ><code>[elixir/web-ng/dev-k8s.sh[R37-41]](https://github.com/carverauto/serviceradar/pull/2983/files#diff-4fa37286d491efdacbd20c22a11d46b0077951e06e85ac646d9a98a919235a53R37-R41)</code> > >```diff >+# Build kubectl command with optional context >+KUBECTL="kubectl" >+if [ -n "$KUBE_CONTEXT" ]; then >+ KUBECTL="kubectl --context $KUBE_CONTEXT" >+fi >``` ></details> > <details > ><summary>Evidence</summary> > > ><pre> >The script stores kubectl --context $KUBE_CONTEXT in a string variable and later executes >$KUBECTL ...; with a context like my context, word-splitting turns it into two arguments (my >and context), breaking every kubectl invocation in the script. ></pre> > > <code>[elixir/web-ng/dev-k8s.sh[37-41]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L37-L41)</code> > <code>[elixir/web-ng/dev-k8s.sh[73-78]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L73-L78)</code> ></details> > <details> ><summary>Agent prompt</summary> > > >``` >The issue below was found during a code review. Follow the provided context and guidance below and implement a solution > >### Issue description >`dev-k8s.sh` constructs `KUBECTL` as a string and executes it via `$KUBECTL ...`, which breaks when `KUBE_CONTEXT` contains spaces (word splitting). Fix by using a bash array for kubectl arguments. > >### Issue Context >This script is intended for local developer onboarding; it should be robust across typical kubectl context naming conventions. > >### Fix Focus Areas >- elixir/web-ng/dev-k8s.sh[37-41] >- elixir/web-ng/dev-k8s.sh[73-78] > >### Suggested approach (implementation hint) >- Use: > - `KUBECTL=(kubectl)` > - `if [[ -n "$KUBE_CONTEXT" ]]; then KUBECTL+=(--context "$KUBE_CONTEXT"); fi` > - Call as: `"${KUBECTL[@]}" get ns ...` >``` > <code>ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools</code> ></details> <hr/> </details> <img src="https://www.qodo.ai/wp-content/uploads/2026/01/review-recommended.png" height="20" alt="Remediation recommended"> <details> <summary> 2. Missing tool prerequisites <code>🐞 Bug</code> <code>⛯ Reliability</code></summary> > <details open> ><summary>Description</summary> > > ><pre> >dev-k8s.sh uses several external tools (base64, nc, timeout, openssl, grep) but only checks for >kubectl and mix. On systems missing one of these utilities, the script will fail mid-run with >non-obvious errors. ></pre> ></details> > <details open> ><summary>Code</summary> > > ><code>[elixir/web-ng/dev-k8s.sh[R60-71]](https://github.com/carverauto/serviceradar/pull/2983/files#diff-4fa37286d491efdacbd20c22a11d46b0077951e06e85ac646d9a98a919235a53R60-R71)</code> > >```diff >+# --- Prerequisites --- >+echo -e "${CYAN}Checking prerequisites...${NC}" >+ >+if ! command -v kubectl &>/dev/null; then >+ echo -e "${RED}Error: kubectl not found${NC}" >+ exit 1 >+fi >+ >+if ! command -v mix &>/dev/null; then >+ echo -e "${RED}Error: mix not found (install Elixir)${NC}" >+ exit 1 >+fi >``` ></details> > <details > ><summary>Evidence</summary> > > ><pre> >The prerequisite section validates only kubectl and mix, while later steps rely on base64 >decoding, netcat port checks, and a timeout+openssl TLS probe; these are not guaranteed to exist on >all developer systems. ></pre> > > <code>[elixir/web-ng/dev-k8s.sh[60-71]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L60-L71)</code> > <code>[elixir/web-ng/dev-k8s.sh[86-101]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L86-L101)</code> > <code>[elixir/web-ng/dev-k8s.sh[117-135]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L117-L135)</code> > <code>[elixir/web-ng/dev-k8s.sh[161-167]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/dev-k8s.sh/#L161-L167)</code> ></details> > <details> ><summary>Agent prompt</summary> > > >``` >The issue below was found during a code review. Follow the provided context and guidance below and implement a solution > >### Issue description >`dev-k8s.sh` only checks for `kubectl` and `mix`, but later requires `base64`, `nc`, `timeout`, `openssl`, and `grep`. Missing any of these causes late, confusing failures. > >### Issue Context >This is a developer onboarding script; up-front validation saves time and improves reliability across Linux/macOS environments. > >### Fix Focus Areas >- elixir/web-ng/dev-k8s.sh[60-71] >- elixir/web-ng/dev-k8s.sh[86-101] >- elixir/web-ng/dev-k8s.sh[117-135] >- elixir/web-ng/dev-k8s.sh[161-167] > >### Suggested approach (implementation hint) >- Add `command -v nc`, `command -v base64`, `command -v openssl`, `command -v grep`, and a `timeout` check (or fallback message: install coreutils / use gtimeout). >- Consider `set -euo pipefail` and set `PF_PID=""` near the top to keep cleanup safe. >``` > <code>ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools</code> ></details> <hr/> </details> <details> <summary> 3. JWT secret literal drift <code>🐞 Bug</code> <code>⛯ Reliability</code></summary> > <details open> ><summary>Description</summary> > > ><pre> >dev.exs duplicates the same JWT secret as two separate string literals (token_signing_secret and >Guardian secret_key). This works now but increases the chance of configuration drift, contrary to >runtime.exs which intentionally derives Guardian’s secret from token_signing_secret. ></pre> ></details> > <details open> ><summary>Code</summary> > > ><code>[elixir/web-ng/config/dev.exs[R104-105]](https://github.com/carverauto/serviceradar/pull/2983/files#diff-d8f390e92e3d56735e699f49ed3caed9c0e6c936e57b751b0a8729098e95f9e6R104-R105)</code> > >```diff >+config :serviceradar_web_ng, ServiceRadarWebNG.Auth.Guardian, >+ secret_key: "dev_token_signing_secret_at_least_32_chars_long!" >``` ></details> > <details > ><summary>Evidence</summary> > > ><pre> >runtime.exs establishes the pattern that Guardian’s secret_key should be sourced from >:token_signing_secret for consistency. dev.exs now sets the same value twice independently, making >future edits error-prone. ></pre> > > <code>[elixir/web-ng/config/dev.exs[99-106]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/config/dev.exs/#L99-L106)</code> > <code>[elixir/web-ng/config/runtime.exs[681-690]](https://github.com/carverauto/serviceradar/blob/464b2946de7e2d37ed5784748e71585bfb84c0d6/elixir/web-ng/config/runtime.exs/#L681-L690)</code> ></details> > <details> ><summary>Agent prompt</summary> > > >``` >The issue below was found during a code review. Follow the provided context and guidance below and implement a solution > >### Issue description >`config/dev.exs` sets the same JWT signing secret twice as separate literals, increasing the risk that a future change updates one but not the other. > >### Issue Context >`runtime.exs` explicitly keeps Guardian’s secret_key consistent with `:token_signing_secret`; dev should follow the same single-source-of-truth pattern. > >### Fix Focus Areas >- elixir/web-ng/config/dev.exs[99-106] > >### Suggested approach (implementation hint) >- Introduce `token_signing_secret = "..."` and then: > - `config :serviceradar_web_ng, :token_signing_secret, token_signing_secret` > - `config :serviceradar_web_ng, ServiceRadarWebNG.Auth.Guardian, secret_key: token_signing_secret` >``` > <code>ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools</code> ></details> <hr/> </details> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <pre>ⓘ The new review experience is currently in Beta. <a href="https://docs.qodo.ai/qodo-documentation/code-review">Learn more</a></pre> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider">  <a href="https://www.qodo.ai"><img src="https://www.qodo.ai/wp-content/uploads/2025/03/qodo-logo.svg" width="80" alt="Qodo Logo"></a>

qodo-code-review[bot] commented

2026-03-03 04:12:25 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2983#discussion_r2875979897
Original created: 2026-03-03T04:12:25Z
Original path: elixir/web-ng/dev-k8s.sh
Original line: 41

1. Kubectl context parsing bug 🐞 Bug ✓ Correctness

dev-k8s.sh builds a kubectl command as a single string and executes it via unquoted expansion, which
breaks when the kube context contains spaces (common in some environments). This can prevent the
script from working at all and yields confusing kubectl errors.

Agent Prompt

### Issue description
`dev-k8s.sh` constructs `KUBECTL` as a string and executes it via `$KUBECTL ...`, which breaks when `KUBE_CONTEXT` contains spaces (word splitting). Fix by using a bash array for kubectl arguments.

### Issue Context
This script is intended for local developer onboarding; it should be robust across typical kubectl context naming conventions.

### Fix Focus Areas
- elixir/web-ng/dev-k8s.sh[37-41]
- elixir/web-ng/dev-k8s.sh[73-78]

### Suggested approach (implementation hint)
- Use:
  - `KUBECTL=(kubectl)`
  - `if [[ -n "$KUBE_CONTEXT" ]]; then KUBECTL+=(--context "$KUBE_CONTEXT"); fi`
  - Call as: `"${KUBECTL[@]}" get ns ...`

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

Imported GitHub PR review comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2983#discussion_r2875979897 Original created: 2026-03-03T04:12:25Z Original path: elixir/web-ng/dev-k8s.sh Original line: 41 --- <img src="https://www.qodo.ai/wp-content/uploads/2025/12/v2-action-required.svg" height="20" alt="Action required"> 1\. Kubectl context parsing bug <code>🐞 Bug</code> <code>✓ Correctness</code> <pre> dev-k8s.sh builds a kubectl command as a single string and executes it via unquoted expansion, which breaks when the kube context contains spaces (common in some environments). This can prevent the script from working at all and yields confusing kubectl errors. </pre> <details> <summary>Agent Prompt</summary> ``` ### Issue description `dev-k8s.sh` constructs `KUBECTL` as a string and executes it via `$KUBECTL ...`, which breaks when `KUBE_CONTEXT` contains spaces (word splitting). Fix by using a bash array for kubectl arguments. ### Issue Context This script is intended for local developer onboarding; it should be robust across typical kubectl context naming conventions. ### Fix Focus Areas - elixir/web-ng/dev-k8s.sh[37-41] - elixir/web-ng/dev-k8s.sh[73-78] ### Suggested approach (implementation hint) - Use: - `KUBECTL=(kubectl)` - `if [[ -n "$KUBE_CONTEXT" ]]; then KUBECTL+=(--context "$KUBE_CONTEXT"); fi` - Call as: `"${KUBECTL[@]}" get ns ...` ``` <code>ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools</code> </details>