2999 chore fix bazel container builds #3019

Merged
mfreeman451 merged 9 commits from refs/pull/3019/head into staging 2026-03-07 17:01:17 +00:00
mfreeman451 commented 2026-03-07 08:29:03 +00:00 (Migrated from github.com)
Owner

Imported from GitHub pull request.

Original GitHub pull request: #3000
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/3000
Original created: 2026-03-07T08:29:03Z
Original updated: 2026-03-07T17:01:18Z
Original head: carverauto/serviceradar:2999-chore-fix-bazel-container-builds
Original base: staging
Original merged: 2026-03-07T17:01:17Z by @mfreeman451

IMPORTANT: Please sign the Developer Certificate of Origin

Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include
a DCO sign-off statement indicating the DCO acceptance in one commit message. Here
is an example DCO Signed-off-by line in a commit message:

Signed-off-by: J. Doe <j.doe@domain.com>

Describe your changes

Code checklist before requesting a review

  • I have signed the DCO?
  • The build completes without errors?
  • All tests are passing when running make test?
qodo-code-review[bot] commented 2026-03-07 08:29:55 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#issuecomment-4015958994
Original created: 2026-03-07T08:29:55Z

Review Summary by Qodo

Refactor Bazel-native container builds with helper macros and PostgreSQL 18 upgrade

✨ Enhancement 📝 Documentation

Walkthroughs

Description
• **Refactored Bazel container build system** to use helper macros and reduce code duplication in
  docker/images/BUILD.bazel
• **Added new Bazel build macros** for CNPG, Elixir releases, and generic service images
  (cnpg_image.bzl, release_images.bzl, service_images.bzl)
• **Extended APK rootfs helpers** with merging, batching, and post-extraction command support in
  apk.bzl
• **Integrated Bazel wrapper script** at tools/bazel/bazel to ensure proper version management and
  workspace-relative paths
• **Updated Docker auth setup** in release pipeline and CI workflows to use direct script invocation
  instead of Bazel targets
• **Upgraded PostgreSQL from version 16 to 18** across RBE images, docker-compose, and Kubernetes
  fixtures
• **Added Bazel version verification steps** to all CI workflows (release, docker-build, clang-tidy,
  main, tests-rust)
• **Updated MODULE.bazel** with fully qualified registry paths, Alpine 3.23 support, and Kubernetes
  dependencies
• **Added comprehensive documentation** including design document, specification, and task breakdown
  for container build refactoring
• **Updated existing documentation** to reflect new Bazel wrapper location, PostgreSQL 18 upgrade,
  and simplified release pipeline
Diagram
flowchart LR
  A["Bazel Build System"] -->|"Helper Macros"| B["cnpg_image.bzl<br/>release_images.bzl<br/>service_images.bzl"]
  A -->|"Extended Utilities"| C["apk.bzl<br/>Merging & Batching"]
  A -->|"Version Management"| D["tools/bazel/bazel<br/>Wrapper Script"]
  E["CI Workflows"] -->|"Bazel Version Check"| F["release.yml<br/>docker-build.yml<br/>main.yml"]
  E -->|"Docker Auth Setup"| G["Direct Script<br/>Invocation"]
  H["PostgreSQL 16"] -->|"Upgrade to 18"| I["RBE Images<br/>docker-compose<br/>K8s Fixtures"]
  B -->|"Reduces Duplication"| J["docker/images/BUILD.bazel<br/>Refactored"]

File Changes

1. build/buildbuddy/release_pipeline.sh ✨ Enhancement +14/-4

Integrate Bazel wrapper and Docker auth setup

• Added Docker auth setup script invocation before Bazel binary detection
• Changed default Bazel binary from bazelisk to ${REPO_ROOT}/tools/bazel/bazel wrapper
• Improved Bazel binary fallback logic to check wrapper executability first, then bazelisk, then
 bazel
• Updated error message to include the wrapper path in the list of unavailable options

build/buildbuddy/release_pipeline.sh


2. docker/images/cnpg_image.bzl ✨ Enhancement +301/-0

Add CNPG custom OCI image build macros

• New file defining custom CNPG OCI image build with PostgreSQL 18 base
• Declares multiple genrule targets for building rootfs layers (glibc, TimescaleDB, AGE, PostGIS
 extensions)
• Implements complex build orchestration for compiling and overlaying database extensions
• Defines final oci_image and oci_load targets for CNPG image packaging

docker/images/cnpg_image.bzl


3. docker/images/service_images.bzl ✨ Enhancement +469/-0

Add shared service image build macros

• New file with shared Bazel macros for generic service OCI image packaging
• Provides helper functions for Alpine, Ubuntu, and custom-base service images
• Includes service_layer, declare_service_container_amd64, and
 declare_custom_base_service_container_amd64 macros
• Supports common tools layer, PostgreSQL client symlinks, and environment variable management

docker/images/service_images.bzl


4. docker/images/release_images.bzl ✨ Enhancement +431/-0

Add Elixir release image build macros

• New file with Bazel macros for Elixir release-based OCI images
• Implements elixir_release_rootfs_amd64, elixir_release_image_amd64, and related helper
 functions
• Supports build-info layer generation with version and digest metadata
• Provides specialized macro for web-ng release images with Bun runtime layer

docker/images/release_images.bzl


5. docker/images/apk.bzl ✨ Enhancement +61/-2

Extend APK rootfs helpers with merging and batching

• Enhanced apk_rootfs_amd64 function with optional post_extract_cmd and visibility parameters
• Added declare_apk_rootfs_targets helper to batch-declare multiple APK rootfs targets
• Added merged_rootfs_amd64 function to merge multiple rootfs tarballs
• Added declare_alpine_netutils_rootfs_amd64 to declare shared Alpine netutils bundle

docker/images/apk.bzl


6. MODULE.bazel Dependencies +81/-13

Update base images and add Kubernetes dependencies

• Updated OCI image references to use fully qualified docker.io/library/ registry paths
• Added Alpine 3.23 base image pull configuration
• Added Alpine 3.23 APK package definitions (bash, readline, PostgreSQL 18 client, compression libs)
• Added Kubernetes API machinery and client-go dependencies (io_k8s_apimachinery,
 io_k8s_client_go)

MODULE.bazel


7. docker/Dockerfile.rbe ⚙️ Configuration changes +5/-5

Upgrade PostgreSQL to version 18 in RBE image

• Updated PostgreSQL version from 16 to 18 in package installation and environment variables
• Updated CNPG test fixture image reference from 16.6.0-sr3 to 18.3.0-sr2
• Updated all PostgreSQL library paths and pkg-config paths to reference version 18

docker/Dockerfile.rbe


8. docker/Dockerfile.rbe-ora9 ⚙️ Configuration changes +5/-5

Upgrade PostgreSQL to version 18 in Oracle Linux RBE image

• Updated PostgreSQL version from 16 to 18 in package installation
• Updated CNPG test fixture image reference from 16.6.0-sr3 to 18.3.0-sr2
• Updated all PostgreSQL library paths to reference /usr/pgsql-18 instead of /usr/pgsql-16

docker/Dockerfile.rbe-ora9


9. openspec/changes/refactor-bazel-native-container-builds/design.md 📝 Documentation +95/-0

Add design document for Bazel container build refactor

• New design document outlining refactoring of Bazel-native container builds
• Describes goals, decisions, risks, and migration plan for artifact-first image packaging
• Addresses remote execution safety, multi-arch support, and isolation of exceptional builds like
 CNPG
• Proposes shared image macros and declarative base profiles to replace ad hoc rootfs assembly

openspec/changes/refactor-bazel-native-container-builds/design.md


10. openspec/changes/refactor-bazel-native-container-builds/specs/container-image-builds/spec.md 📝 Documentation +68/-0

Add specification for container image build requirements

• New specification file defining requirements for generic service image builds
• Specifies artifact-first packaging, declarative runtime bases, multi-arch indexes, and
 remote-execution safety
• Documents scenarios for Go/Rust services, Elixir releases, and shared runtime base profiles
• Defines isolation requirement for exceptional builds like CNPG

openspec/changes/refactor-bazel-native-container-builds/specs/container-image-builds/spec.md


11. openspec/changes/refactor-bazel-native-container-builds/tasks.md 📝 Documentation +35/-0

Add task breakdown for container build refactoring

• New task list for implementing Bazel-native container build refactoring
• Organizes work into six phases: foundation, migration, separation, remote execution, publishing,
 and validation
• Includes 35 specific tasks covering macro development, service migration, and documentation
 updates

openspec/changes/refactor-bazel-native-container-builds/tasks.md


12. openspec/changes/refactor-bazel-native-container-builds/proposal.md 📝 Documentation +27/-0

Add proposal for Bazel-native container build refactoring

• New proposal document explaining the rationale and scope of container build refactoring
• Summarizes why, what changes, and impact of moving to artifact-first Bazel image packaging
• Lists affected specs, code, and documentation areas

openspec/changes/refactor-bazel-native-container-builds/proposal.md


13. .github/workflows/release.yml ✨ Enhancement +11/-2

Add Bazel version check and simplify Docker auth setup

• Added Bazel version verification step to validate expected version matches resolved version
• Changed Docker auth setup from bazel run //:buildbuddy_setup_docker_auth to direct script
 invocation
• Script now runs with chmod +x and direct execution of ./buildbuddy_setup_docker_auth.sh

.github/workflows/release.yml


14. .github/workflows/docker-build.yml ✨ Enhancement +11/-4

Add Bazel version check and simplify Docker auth setup

• Added Bazel version verification step to validate expected version matches resolved version
• Changed Docker auth setup from bazel run to direct script invocation with chmod +x
• Removed -c opt flag from Docker auth setup command

.github/workflows/docker-build.yml


15. docs/GHCR_PUBLISHING.md 📝 Documentation +3/-4

Update documentation to use direct script invocation

• Removed reference to //:buildbuddy_setup_docker_auth Bazel target
• Updated BuildBuddy workflow example to remove bazel run invocation of auth setup
• Changed documentation to recommend direct script execution instead of Bazel target wrapper

docs/GHCR_PUBLISHING.md


16. docs/RELEASE_PUBLISHING.md 📝 Documentation +2/-3

Update release pipeline documentation

• Removed separate bazel run //:buildbuddy_setup_docker_auth step from pipeline documentation
• Updated description to indicate //build/buildbuddy:release_pipeline now bootstraps Docker auth
 internally
• Simplified pipeline documentation to show single release pipeline target

docs/RELEASE_PUBLISHING.md


17. RELEASE.md 📝 Documentation +2/-3

Update release pipeline documentation

• Removed separate bazel run //:buildbuddy_setup_docker_auth step from pipeline documentation
• Updated description to indicate //build/buildbuddy:release_pipeline now bootstraps Docker auth
 internally
• Simplified pipeline documentation to show single release pipeline target

RELEASE.md


18. .github/workflows/clang-tidy.yml ✨ Enhancement +9/-0

Add Bazel version verification step

• Added Bazel version verification step to validate expected version matches resolved version
• Ensures consistent Bazel version across CI workflows

.github/workflows/clang-tidy.yml


19. .github/workflows/main.yml ✨ Enhancement +9/-0

Add Bazel version verification step

• Added Bazel version verification step to validate expected version matches resolved version
• Ensures consistent Bazel version across CI workflows

.github/workflows/main.yml


20. build/bazel/README.md 📝 Documentation +4/-8

Update Bazel tooling README with new location

• Redirects documentation to new location at /tools/bazel/README.md
• Indicates active Bazel wrapper now lives under /tools/bazel
• Removes outdated information about wrapper functionality

build/bazel/README.md


21. .github/workflows/tests-rust.yml ✨ Enhancement +9/-0

Add Bazel version verification step

• Added Bazel version verification step to validate expected version matches resolved version
• Ensures consistent Bazel version across CI workflows

.github/workflows/tests-rust.yml


22. docker-compose.yml ⚙️ Configuration changes +1/-1

Update CNPG image version in docker-compose

• Updated CNPG service image reference from 16.6.0-sr5 to 18.3.0-sr2
• Reflects upgrade to PostgreSQL 18 base image

docker-compose.yml


23. Bazel.md 📝 Documentation +4/-2

Document Bazel version pinning

• Added note about Bazel version pinning via .bazelversion to 9.0.0
• Improved wording about bazelisk installation recommendation
• Clarified that .bazelversion pin is the recommended approach

Bazel.md


24. tools/bazel/bazel ✨ Enhancement +17/-0

Add Bazel wrapper script for version management

• New Bazel wrapper script that runs from repository root
• Prefers bazelisk over bazel for version selection
• Ensures .bazelversion, .bazelrc, and workspace-relative paths are picked up

tools/bazel/bazel


25. k8s/srql-fixtures/README.md ⚙️ Configuration changes +1/-1

Update CNPG image version in SRQL fixtures

• Updated CNPG cluster image reference from 16.6.0-sr3 to 18.3.0-sr2
• Reflects upgrade to PostgreSQL 18 base image

k8s/srql-fixtures/README.md


26. k8s/demo/base/spire/README.md 📝 Documentation +1/-1

Update PostgreSQL version in SPIRE documentation

• Updated CNPG image description from PostgreSQL 16.6 to PostgreSQL 18
• Reflects upgrade to PostgreSQL 18 base image

k8s/demo/base/spire/README.md


27. BUILD.md 📝 Documentation +2/-0

Document Bazel version pinning in build guide

• Added note about Bazel version pinning via .bazelversion to 9.0.0
• Added bazel --version command to verification steps

BUILD.md


28. tools/bazel/README.md 📝 Documentation +11/-0

Add documentation for Bazel wrapper script

• New documentation file for Bazel wrapper script
• Describes wrapper location, behavior, and usage recommendations
• Explains preference for bazelisk and fallback to bazel

tools/bazel/README.md


29. docs/docs/tools.md 📝 Documentation +1/-1

Update tools pod PostgreSQL version documentation

• Updated PostgreSQL client version from unspecified to PostgreSQL 18
• Added specific client tools list: psql, pg_isready, cnpg-sql

docs/docs/tools.md


30. go/pkg/mapper/BUILD.bazel ✨ Enhancement +1/-0

Add api_selector.go to mapper library

• Added api_selector.go to the go_library srcs list

go/pkg/mapper/BUILD.bazel


31. docker/images/BUILD.bazel ✨ Enhancement +136/-1185

Refactor Bazel build rules to use helper macros

• Refactored Bazel build file to use helper macros instead of inline genrule, pkg_tar, and
 oci_image definitions, significantly reducing code duplication
• Added new load statements for helper functions: declare_alpine_netutils_rootfs_amd64,
 declare_apk_rootfs_targets, declare_cnpg_image_amd64, declare_elixir_release_container_amd64,
 declare_elixir_release_container_with_debs_amd64, declare_web_ng_release_container_amd64,
 declare_common_tools_layer, declare_custom_base_service_container_amd64,
 declare_postgresql_client_symlink_layer, declare_loaded_oci_image_amd64, and
 declare_service_container_amd64
• Consolidated repetitive APK rootfs extraction rules into a single declare_apk_rootfs_targets()
 call with a list of package tuples
• Simplified container image definitions by replacing verbose oci_image and oci_load calls with
 declarative helper macros that handle common patterns

docker/images/BUILD.bazel


32. .buildbuddy/workflows.yaml Additional files +0/-1

...

.buildbuddy/workflows.yaml


33. BUILD.bazel Additional files +0/-6

...

BUILD.bazel



k8s/demo/base/spire/README.md <code>📝 Documentation</code> <code> +1/-1 </code> </summary> <br/> >Update PostgreSQL version in SPIRE documentation ><pre> >• Updated CNPG image description from PostgreSQL 16.6 to PostgreSQL 18 >• Reflects upgrade to PostgreSQL 18 base image ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-8b4f234b5a5b8a166a37e898facf84394962c1e6754c0ec13833b2a3cc400f7c'> k8s/demo/base/spire/README.md </a> <hr/> </details> <details> <summary>27. BUILD.md <code>📝 Documentation</code> <code> +2/-0 </code> </summary> <br/> >Document Bazel version pinning in build guide ><pre> >• Added note about Bazel version pinning via <b><i>.bazelversion</i></b> to <b><i>9.0.0</i></b> >• Added <b><i>bazel --version</i></b> command to verification steps ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-40f60e1037245d7b8a98a7325d53890a717da9979adeb54a61a795c4ba07f9c9'> BUILD.md </a> <hr/> </details> <details> <summary>28. tools/bazel/README.md <code>📝 Documentation</code> <code> +11/-0 </code> </summary> <br/> >Add documentation for Bazel wrapper script ><pre> >• New documentation file for Bazel wrapper script >• Describes wrapper location, behavior, and usage recommendations >• Explains preference for <b><i>bazelisk</i></b> and fallback to <b><i>bazel</i></b> ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-370c960b9b12d1a1eb11d17a35a17a8bdc54aee370c15db36ef539994054788e'> tools/bazel/README.md </a> <hr/> </details> <details> <summary>29. 
docs/docs/tools.md <code>📝 Documentation</code> <code> +1/-1 </code> </summary> <br/> >Update tools pod PostgreSQL version documentation ><pre> >• Updated PostgreSQL client version from unspecified to PostgreSQL 18 >• Added specific client tools list: <b><i>psql</i></b>, <b><i>pg_isready</i></b>, <b><i>cnpg-sql</i></b> ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-a08f8ec3b441a321c6a3b03be04e613b7b8768665cd8ab4a5b30504e1475ee98'> docs/docs/tools.md </a> <hr/> </details> <details> <summary>30. go/pkg/mapper/BUILD.bazel <code>✨ Enhancement</code> <code> +1/-0 </code> </summary> <br/> >Add api_selector.go to mapper library ><pre> >• Added <b><i>api_selector.go</i></b> to the <b><i>go_library</i></b> srcs list ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-9e5f10b3e2980b1c0575d6b37a1830a6c5d18f829608ac5b217e05a73c6d3125'> go/pkg/mapper/BUILD.bazel </a> <hr/> </details> <details> <summary>31. docker/images/BUILD.bazel <code>✨ Enhancement</code> <code> +136/-1185 </code> </summary> <br/> >Refactor Bazel build rules to use helper macros ><pre> >• Refactored Bazel build file to use helper macros instead of inline <b><i>genrule</i></b>, <b><i>pkg_tar</i></b>, and > <b><i>oci_image</i></b> definitions, significantly reducing code duplication >• Added new load statements for helper functions: <b><i>declare_alpine_netutils_rootfs_amd64</i></b>, > <b><i>declare_apk_rootfs_targets</i></b>, <b><i>declare_cnpg_image_amd64</i></b>, <b><i>declare_elixir_release_container_amd64</i></b>, > <b><i>declare_elixir_release_container_with_debs_amd64</i></b>, <b><i>declare_web_ng_release_container_amd64</i></b>, > <b><i>declare_common_tools_layer</i></b>, <b><i>declare_custom_base_service_container_amd64</i></b>, > <b><i>declare_postgresql_client_symlink_layer</i></b>, <b><i>declare_loaded_oci_image_amd64</i></b>, and > <b><i>declare_service_container_amd64</i></b> >• Consolidated repetitive APK rootfs extraction 
rules into a single <b><i>declare_apk_rootfs_targets()</i></b> > call with a list of package tuples >• Simplified container image definitions by replacing verbose <b><i>oci_image</i></b> and <b><i>oci_load</i></b> calls with > declarative helper macros that handle common patterns ></pre> > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-0e4db31c224a8f72ae8e870a849e38a59d74a2c7f7b04347b0b3eb07e20c5a80'> docker/images/BUILD.bazel </a> <hr/> </details> <details> <summary>32. .buildbuddy/workflows.yaml <code> Additional files </code> <code> +0/-1 </code> </summary> <br/> >... > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-ab6de3b3c2e87a5324595cc6b8656ab7bae1dee7d0c60e0626128e634f71711d'> .buildbuddy/workflows.yaml </a> <hr/> </details> <details> <summary>33. BUILD.bazel <code> Additional files </code> <code> +0/-6 </code> </summary> <br/> >... > ><a href='https://github.com/carverauto/serviceradar/pull/3000/files#diff-7fc57714ef13c3325ce2a1130202edced92fcccc0c6db34a72f7b57f60d552a3'> BUILD.bazel </a> <hr/> </details> </details> <img src="https://www.qodo.ai/wp-content/uploads/2025/11/light-grey-line.svg" height="10%" alt="Grey Divider"> <a href="https://www.qodo.ai"><img src="https://www.qodo.ai/wp-content/uploads/2025/03/qodo-logo.svg" width="80" alt="Qodo Logo"></a>
qodo-code-review[bot] commented 2026-03-07 08:29:56 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#issuecomment-4015959108
Original created: 2026-03-07T08:29:56Z

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (2) 📎 Requirement gaps (0)

Action required
1. Markdown added outside docs/docs 📘 Rule violation ✓ Correctness
Description
New Markdown documentation was added under tools/ and openspec/ instead of docs/docs/,
violating the documentation location requirement. This can fragment documentation and break tooling
expectations that scan docs/docs/ only.
Code

tools/bazel/README.md[R1-11]

+# Bazel tooling helpers
+
+This directory houses the repository-local Bazel wrapper used by automation and
+developer workflows.
+
+- [`bazel`](/home/mfreeman/serviceradar/tools/bazel/bazel): Runs from the repo
+  root, prefers `bazelisk`, falls back to `bazel`, and picks up
+  `.bazelversion`, `.bazelrc`, and workspace-relative paths.
+
+Use this wrapper when you want Bazel version selection to come from the
+repository instead of the ambient machine configuration.
Evidence
Compliance ID 7 requires documentation to be added under docs/docs/. This PR adds new Markdown
docs at tools/bazel/README.md and
openspec/changes/refactor-bazel-native-container-builds/proposal.md, which are outside
docs/docs/.

AGENTS.md
tools/bazel/README.md[1-11]
openspec/changes/refactor-bazel-native-container-builds/proposal.md[1-27]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
New Markdown documentation was added outside `docs/docs/`, which violates the repository documentation location requirement.
## Issue Context
This PR introduces new documentation files under `tools/` and `openspec/`.
## Fix Focus Areas
- tools/bazel/README.md[1-11]
- openspec/changes/refactor-bazel-native-container-builds/proposal.md[1-27]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


2. Non-ASCII in srql README 📘 Rule violation ✓ Correctness
Description
The modified Markdown line uses non-ASCII punctuation (for example the en dash –), violating the
ASCII-only Markdown requirement. This can break tooling that assumes ASCII-only docs.
Code

k8s/srql-fixtures/README.md[10]

+- `cnpg-cluster.yaml` – CNPG `Cluster` spec that enables TimescaleDB + AGE using `ghcr.io/carverauto/serviceradar-cnpg:18.3.0-sr2` (matches `docker-compose.yml`).
Evidence
Compliance ID 7 requires Markdown to be ASCII-only. The touched line in
k8s/srql-fixtures/README.md contains an en dash (–), which is non-ASCII.

AGENTS.md
k8s/srql-fixtures/README.md[10-10]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
A modified Markdown line contains non-ASCII punctuation (en dash), violating the ASCII-only Markdown requirement.
## Issue Context
The `k8s/srql-fixtures/README.md` file was updated in this PR and includes non-ASCII characters on a touched line.
## Fix Focus Areas
- k8s/srql-fixtures/README.md[10-10]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


3. BuildBuddy release broken 🐞 Bug ⛯ Reliability
Description
//build/buildbuddy:release_pipeline now tries to execute
${REPO_ROOT}/buildbuddy_setup_docker_auth.sh and use ${REPO_ROOT}/tools/bazel/bazel, but when
launched via bazel run those repo-root paths are not present in the target’s runfiles (and the
target declares no data deps), so Docker auth bootstrapping and wrapper selection will be
skipped/fail and publishing will break in BuildBuddy.
Code

build/buildbuddy/release_pipeline.sh[R25-37]

+DOCKER_AUTH_SCRIPT="${REPO_ROOT}/buildbuddy_setup_docker_auth.sh"
+if [[ -x "${DOCKER_AUTH_SCRIPT}" ]]; then
+    "${DOCKER_AUTH_SCRIPT}"
+fi
+
+DEFAULT_BAZEL_WRAPPER="${REPO_ROOT}/tools/bazel/bazel"
+BAZEL_BINARY="${BAZEL_BINARY:-${DEFAULT_BAZEL_WRAPPER}}"
+if [[ ! -x "${BAZEL_BINARY}" ]]; then
+    if command -v "${BAZEL_BINARY}" >/dev/null 2>&1; then
+        :
+    elif command -v bazelisk >/dev/null 2>&1; then
+        BAZEL_BINARY="bazelisk"
+    elif command -v bazel >/dev/null 2>&1; then
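Review bot: the fallback chain under `if [[ ! -x "${BAZEL_BINARY}" ]]` swaps in whatever `bazelisk` or `bazel` is first on PATH when the repository wrapper is not executable, and the visible branches log nothing, so a release run can proceed with a Bazel that the wrapper did not select. Suggest echoing the resolved `BAZEL_BINARY` to stderr before first use, and treating a missing `${REPO_ROOT}/tools/bazel/bazel` as an error in the release pipeline unless `BAZEL_BINARY` was set explicitly by the caller. The quoted hunk stops at the `elif command -v bazel` line, so the final branch is not visible here.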
Evidence
The BuildBuddy workflow executes bazel run ... //build/buildbuddy:release_pipeline, but the Bazel
target only includes release_pipeline.sh as a source (no data), so repo-root helper scripts
referenced by ${REPO_ROOT}/... won’t exist in the runfiles tree that Bazel executes from. The
script’s -x check means it will silently skip auth bootstrap rather than failing early.

build/buildbuddy/release_pipeline.sh[4-6]
build/buildbuddy/release_pipeline.sh[25-33]
build/buildbuddy/BUILD.bazel[5-8]
.buildbuddy/workflows.yaml[20-22]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`build/buildbuddy/release_pipeline.sh` is executed via `bazel run`. In that execution mode, the script runs from a Bazel-created runfiles tree, not the checked-out repository root. The script currently assumes `${REPO_ROOT}` contains repo-root helper scripts (`buildbuddy_setup_docker_auth.sh`, `tools/bazel/bazel`). Those files are not in runfiles (and aren’t declared as `data`), so Docker auth setup can be skipped and the pipeline can fail later during image publishing.
### Issue Context
BuildBuddy uses `.buildbuddy/workflows.yaml` to run `bazel run --config=remote //build/buildbuddy:release_pipeline`. The `release_pipeline` target’s BUILD rule only includes `release_pipeline.sh` as a source.
### Fix Focus Areas
- build/buildbuddy/release_pipeline.sh[4-43]
- build/buildbuddy/BUILD.bazel[5-8]
- .buildbuddy/workflows.yaml[20-22]
### Implementation notes
- Update `REPO_ROOT` resolution to prefer `${BUILD_WORKSPACE_DIRECTORY}` when set.
- Invoke the auth script via `bash "$REPO_ROOT/buildbuddy_setup_docker_auth.sh"` (don’t require exec bit), and emit an explicit warning/error if it’s missing.
- Consider removing the `[[ -x ... ]]` silent skip; for release workflows it’s better to fail early if auth bootstrap cannot run.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools



Remediation recommended
4. Docs use absolute paths 🐞 Bug ✓ Correctness
Description
The updated Bazel wrapper docs include hard-coded /home/mfreeman/serviceradar/... links; these
will be broken for other developers and in GitHub, and they unnecessarily leak a contributor’s local
filesystem path.
Code

build/bazel/README.md[R3-7]

+The active Bazel wrapper now lives under
+[`/tools/bazel`](/home/mfreeman/serviceradar/tools/bazel).
-- `bazel`: Delegates to `bazelisk`, ensuring commands run from the repository
-  root so they pick up `.bazelversion`, `.bazelrc`, and workspace-relative
-  paths. Use it in automation (for example, `./tools/bazel/bazel test //...`).
-
-Add new helpers for common workflows (formatting, query utilities, etc.) as the
-migration progresses.
+See [`/tools/bazel/README.md`](/home/mfreeman/serviceradar/tools/bazel/README.md)
+for the current wrapper entrypoint and usage notes.
Evidence
Both files embed /home/mfreeman/serviceradar/... in markdown links, which only work on the
author’s machine and will not resolve in other environments.

build/bazel/README.md[3-7]
tools/bazel/README.md[6-8]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
Docs link to `/home/mfreeman/serviceradar/...`, which is machine-specific and breaks for other readers.
### Issue Context
These docs are intended to guide contributors and CI usage; links should be portable and GitHub-friendly.
### Fix Focus Areas
- build/bazel/README.md[1-7]
- tools/bazel/README.md[1-11]
### Suggested changes
- In `build/bazel/README.md`, link to `../../tools/bazel` (or similar relative path).
- In `tools/bazel/README.md`, link to `./bazel`.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


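The implementation notes in finding 3 above, as an added shell example that is not code from the PR or the ServiceRadar repository: it resolves the checkout root from `BUILD_WORKSPACE_DIRECTORY` (exported by `bazel run`) and fails when the auth script is missing instead of skipping it. The function names, return codes and the fallback-directory argument are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: fail-closed bootstrap for a script launched with `bazel run`.
# Function names, return codes and the fallback argument are assumptions.

# Print the checkout root.
# `bazel run` exports BUILD_WORKSPACE_DIRECTORY with the workspace path, which
# is the real checkout rather than the runfiles tree the script executes from.
# Outside `bazel run`, fall back to the directory supplied by the caller.
resolve_repo_root() {
    local fallback="$1"
    if [ -n "${BUILD_WORKSPACE_DIRECTORY:-}" ]; then
        printf '%s\n' "${BUILD_WORKSPACE_DIRECTORY}"
    else
        (cd "${fallback}" && pwd)
    fi
}

# Run the Docker auth bootstrap that lives at the repo root.
# Returns 0 on success, 3 when the script is missing, otherwise the
# script's own exit status. There is no silent skip.
run_docker_auth() {
    local repo_root="$1"
    local script="${repo_root}/buildbuddy_setup_docker_auth.sh"
    if [ ! -f "${script}" ]; then
        echo "ERROR: Docker auth script not found: ${script}" >&2
        return 3
    fi
    # Invoke through bash so a missing exec bit cannot skip the step.
    bash "${script}"
}

# Resolve the root, run the auth bootstrap, and print the root on success.
# Any failure propagates so a release job stops before it tries to publish.
bootstrap_release() {
    local fallback="$1"
    local repo_root
    repo_root="$(resolve_repo_root "${fallback}")" || return 2
    run_docker_auth "${repo_root}" || return $?
    printf '%s\n' "${repo_root}"
}
```
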
qodo-code-review[bot] commented 2026-03-07 08:34:41 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR review comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#discussion_r2899314318
Original created: 2026-03-07T08:34:41Z
Original path: tools/bazel/README.md
Original line: 11

Action required

1. Markdown added outside docs/docs 📘 Rule violation ✓ Correctness

New Markdown documentation was added under tools/ and openspec/ instead of docs/docs/,
violating the documentation location requirement. This can fragment documentation and break tooling
expectations that scan docs/docs/ only.
Agent Prompt
## Issue description
New Markdown documentation was added outside `docs/docs/`, which violates the repository documentation location requirement.

## Issue Context
This PR introduces new documentation files under `tools/` and `openspec/`.

## Fix Focus Areas
- tools/bazel/README.md[1-11]
- openspec/changes/refactor-bazel-native-container-builds/proposal.md[1-27]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

qodo-code-review[bot] commented 2026-03-07 08:34:41 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR review comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#discussion_r2899314319
Original created: 2026-03-07T08:34:41Z
Original path: k8s/srql-fixtures/README.md
Original line: 10

Action required

2. Non-ascii in srql readme 📘 Rule violation ✓ Correctness

The modified Markdown line uses non-ASCII punctuation (for example the en dash –), violating the
ASCII-only Markdown requirement. This can break tooling that assumes ASCII-only docs.
Agent Prompt

```
## Issue description
A modified Markdown line contains non-ASCII punctuation (en dash), violating the ASCII-only Markdown requirement.

## Issue Context
The `k8s/srql-fixtures/README.md` file was updated in this PR and includes non-ASCII characters on a touched line.

## Fix Focus Areas
- k8s/srql-fixtures/README.md[10-10]
```

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

qodo-code-review[bot] commented 2026-03-07 08:34:41 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR review comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#discussion_r2899314320
Original created: 2026-03-07T08:34:41Z
Original path: build/buildbuddy/release_pipeline.sh
Original line: 37

Action required

3. Buildbuddy release broken 🐞 Bug ⛯ Reliability

//build/buildbuddy:release_pipeline now tries to execute
${REPO_ROOT}/buildbuddy_setup_docker_auth.sh and use ${REPO_ROOT}/tools/bazel/bazel, but when
launched via bazel run those repo-root paths are not present in the target’s runfiles (and the
target declares no data deps), so Docker auth bootstrapping and wrapper selection will be
skipped/fail and publishing will break in BuildBuddy.
Agent Prompt

```
### Issue description
`build/buildbuddy/release_pipeline.sh` is executed via `bazel run`. In that execution mode, the script runs from a Bazel-created runfiles tree, not the checked-out repository root. The script currently assumes `${REPO_ROOT}` contains repo-root helper scripts (`buildbuddy_setup_docker_auth.sh`, `tools/bazel/bazel`). Those files are not in runfiles (and aren’t declared as `data`), so Docker auth setup can be skipped and the pipeline can fail later during image publishing.

### Issue Context
BuildBuddy uses `.buildbuddy/workflows.yaml` to run `bazel run --config=remote //build/buildbuddy:release_pipeline`. The `release_pipeline` target’s BUILD rule only includes `release_pipeline.sh` as a source.

### Fix Focus Areas
- build/buildbuddy/release_pipeline.sh[4-43]
- build/buildbuddy/BUILD.bazel[5-8]
- .buildbuddy/workflows.yaml[20-22]

### Implementation notes
- Update `REPO_ROOT` resolution to prefer `${BUILD_WORKSPACE_DIRECTORY}` when set.
- Invoke the auth script via `bash "$REPO_ROOT/buildbuddy_setup_docker_auth.sh"` (don’t require exec bit), and emit an explicit warning/error if it’s missing.
- Consider removing the `[[ -x ... ]]` silent skip; for release workflows it’s better to fail early if auth bootstrap cannot run.
```

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools
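
The root resolution and fail-early behaviour described in the review comment above, as an added sketch that is not the project's `release_pipeline.sh` and not part of the bot's comment. The function names, the exit code 3, and the throwaway workspace at the end are assumptions made for illustration; the file paths are the ones named in the comment.

```shell
#!/usr/bin/env bash
# Added example (not project code): locate repo-root helpers from a script
# that is started with `bazel run`, and refuse to continue without them.

# resolve_repo_root SCRIPT_PATH
# `bazel run` executes the script from a runfiles tree, so paths relative to
# the script do not reach the checkout. Bazel exports BUILD_WORKSPACE_DIRECTORY
# for `bazel run`; prefer it, and only fall back to the script location when
# the script is invoked directly.
resolve_repo_root() {
    if [ -n "${BUILD_WORKSPACE_DIRECTORY:-}" ]; then
        printf '%s\n' "$BUILD_WORKSPACE_DIRECTORY"
        return 0
    fi
    # Direct invocation: build/buildbuddy/ sits two levels below the root.
    script_dir=$(cd "$(dirname "$1")" && pwd) || return 1
    (cd "$script_dir/../.." && pwd)
}

# run_auth_bootstrap ROOT
# Runs the auth helper through bash, so a missing exec bit is not a reason to
# skip it. A missing file is an error (exit code 3, hypothetical), never a
# silent skip: a release that publishes images must not proceed unauthenticated.
run_auth_bootstrap() {
    auth_script="$1/buildbuddy_setup_docker_auth.sh"
    if [ ! -f "$auth_script" ]; then
        echo "ERROR: auth bootstrap not found: $auth_script" >&2
        return 3
    fi
    bash "$auth_script"
}

# select_bazel ROOT
# Prints the wrapper path when it exists and is executable; otherwise warns
# and prints plain `bazel` so the fallback is visible in the build log.
select_bazel() {
    if [ -x "$1/tools/bazel/bazel" ]; then
        printf '%s\n' "$1/tools/bazel/bazel"
    else
        echo "WARNING: $1/tools/bazel/bazel missing, using bazel from PATH" >&2
        printf 'bazel\n'
    fi
}

# Constructed demo: an empty temporary directory stands in for a workspace
# that lacks the auth helper, to show the fail-closed path.
demo_ws=$(mktemp -d)
BUILD_WORKSPACE_DIRECTORY="$demo_ws"
demo_root=$(resolve_repo_root "$0")
run_auth_bootstrap "$demo_root" || echo "release aborted (exit $?)"
rm -rf "$demo_ws"
unset BUILD_WORKSPACE_DIRECTORY
```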

qodo-code-review[bot] commented 2026-03-07 16:40:46 +00:00 (Migrated from github.com)
Author
Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3000#issuecomment-4016882009
Original created: 2026-03-07T16:40:46Z

CI Feedback 🧐

(Feedback updated until commit github.com/carverauto/serviceradar@b55d4bba25)

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: build-and-push

Failed stage: Build and push Docker image []

Failed test name: ""

Failure summary:

The action failed during the Docker/buildx image build because a dnf install step could not resolve
dependencies:
- dnf reported: cannot install the best candidate for the job because
libbpf-devel-2:1.5.0-2.0.2.el9.x86_64 (from repo ol9_developer) requires libbpf = 2:1.5.0-2.0.2.el9,
but no repository provided that exact libbpf package version (lines 936-940).
- This caused the
build step (RUN dnf ... && dnf install -y ... libbpf-devel ...) to exit with code 1, and buildx
aborted with failed to solve (lines 940-1015).
A later warning during post-job cleanup shows a Git
submodule configuration issue:
- fatal: No url found for submodule path
swift/FieldSurvey/LocalPackages/arrow-swift in .gitmodules (line 1063), but this appears after the
primary buildx failure and is not the root cause of the action failure.

Relevant error logs:
1:  ##[group]Runner Image Provisioner
2:  Hosted Compute Agent
...

921:  #10 99.28 Transaction test succeeded.
922:  #10 99.28 Running transaction
923:  #10 99.28   Preparing        :                                                        1/1 
924:  #10 99.29   Installing       : zfs-release-2-3.el9.noarch                             1/1 
925:  #10 99.29   Running scriptlet: zfs-release-2-3.el9.noarch                             1/1 
926:  #10 99.34   Verifying        : zfs-release-2-3.el9.noarch                             1/1 
927:  #10 99.46 
928:  #10 99.46 Installed:
929:  #10 99.46   zfs-release-2-3.el9.noarch                                                    
930:  #10 99.46 
931:  #10 99.46 Complete!
932:  #10 103.1 Last metadata expiration check: 0:00:03 ago on Sat Mar  7 16:41:27 2026.
933:  #10 103.4 Package ca-certificates-2025.2.80_v9.0.305-91.el9.noarch is already installed.
934:  #10 103.4 Package curl-7.76.1-35.el9_7.3.x86_64 is already installed.
935:  #10 103.5 Package tar-2:1.34-9.el9_7.x86_64 is already installed.
936:  #10 103.6 Error: 
937:  #10 103.6  Problem: cannot install the best candidate for the job
938:  #10 103.6   - nothing provides libbpf = 2:1.5.0-2.0.2.el9 needed by libbpf-devel-2:1.5.0-2.0.2.el9.x86_64 from ol9_developer
939:  #10 103.6 (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
940:  #10 ERROR: process "/bin/bash -lc dnf install -y oracle-epel-release-el9 oraclelinux-developer-release-el9     && dnf config-manager --enable ol9_codeready_builder     && dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm     && dnf install -y https://zfsonlinux.org/epel/zfs-release-2-3.el9.noarch.rpm     && dnf -qy module disable postgresql     && dnf install -y         libzfs5-devel         libuuid-devel         libblkid-devel         libtirpc-devel         skopeo         iptables         gcc-toolset-13         bpftool         ca-certificates         clang         curl         createrepo_c         git         gmp-devel         libbpf-devel         libev-devel         libzstd-devel         llvm         llvm-libs         lz4-devel         m4         make         openssl-devel         patch         perl         pkgconfig         postgresql18-devel         protobuf-compiler         protobuf-devel         rpm-build         rpm-sign         rpmdevtools         redhat-rpm-config         rsync         tar         unzip         which         zlib-devel     && dnf clean all     && ldconfig" did not complete successfully: exit code: 1
941:  ------
942:  > [stage-0  2/10] RUN dnf install -y oracle-epel-release-el9 oraclelinux-developer-release-el9     && dnf config-manager --enable ol9_codeready_builder     && dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm     && dnf install -y https://zfsonlinux.org/epel/zfs-release-2-3.el9.noarch.rpm     && dnf -qy module disable postgresql     && dnf install -y         libzfs5-devel         libuuid-devel         libblkid-devel         libtirpc-devel         skopeo         iptables         gcc-toolset-13         bpftool         ca-certificates         clang         curl         createrepo_c         git         gmp-devel         libbpf-devel         libev-devel         libzstd-devel         llvm         llvm-libs         lz4-devel         m4         make         openssl-devel         patch         perl         pkgconfig         postgresql18-devel         protobuf-compiler         protobuf-devel         rpm-build         rpm-sign         rpmdevtools         redhat-rpm-config         rsync         tar         unzip         which         zlib-devel     && dnf clean all     && ldconfig:
943:  99.46 
944:  99.46 Complete!
945:  103.1 Last metadata expiration check: 0:00:03 ago on Sat Mar  7 16:41:27 2026.
946:  103.4 Package ca-certificates-2025.2.80_v9.0.305-91.el9.noarch is already installed.
947:  103.4 Package curl-7.76.1-35.el9_7.3.x86_64 is already installed.
948:  103.5 Package tar-2:1.34-9.el9_7.x86_64 is already installed.
949:  103.6 Error: 
950:  103.6  Problem: cannot install the best candidate for the job
...

993:  43 | >>>         protobuf-compiler \
994:  44 | >>>         protobuf-devel \
995:  45 | >>>         rpm-build \
996:  46 | >>>         rpm-sign \
997:  47 | >>>         rpmdevtools \
998:  48 | >>>         redhat-rpm-config \
999:  49 | >>>         rsync \
1000:  50 | >>>         tar \
1001:  51 | >>>         unzip \
1002:  52 | >>>         which \
1003:  53 | >>>         zlib-devel \
1004:  54 | >>>     && dnf clean all \
1005:  55 | >>>     && ldconfig
1006:  56 |     
1007:  --------------------
1008:  ERROR: failed to build: failed to solve: process "/bin/bash -lc dnf install -y oracle-epel-release-el9 oraclelinux-developer-release-el9     && dnf config-manager --enable ol9_codeready_builder     && dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm     && dnf install -y https://zfsonlinux.org/epel/zfs-release-2-3.el9.noarch.rpm     && dnf -qy module disable postgresql     && dnf install -y         libzfs5-devel         libuuid-devel         libblkid-devel         libtirpc-devel         skopeo         iptables         gcc-toolset-13         bpftool         ca-certificates         clang         curl         createrepo_c         git         gmp-devel         libbpf-devel         libev-devel         libzstd-devel         llvm         llvm-libs         lz4-devel         m4         make         openssl-devel         patch         perl         pkgconfig         postgresql18-devel         protobuf-compiler         protobuf-devel         rpm-build         rpm-sign         rpmdevtools         redhat-rpm-config         rsync         tar         unzip         which         zlib-devel     && dnf clean all     && ldconfig" did not complete successfully: exit code: 1
1009:  ##[group]Reference
1010:  builder-fed3b5b2-4fd9-4e50-8e89-a7e6960ca7be/builder-fed3b5b2-4fd9-4e50-8e89-a7e6960ca7be0/71jb1deyyrx9qhmm15u6tpxk1
1011:  ##[endgroup]
1012:  ##[group]Check build summary support
1013:  Build summary supported!
1014:  ##[endgroup]
1015:  ##[error]buildx failed with: ERROR: failed to build: failed to solve: process "/bin/bash -lc dnf install -y oracle-epel-release-el9 oraclelinux-developer-release-el9     && dnf config-manager --enable ol9_codeready_builder     && dnf install -y https://download.postgresql.org/pub/repos/yum/reporpms/EL-9-x86_64/pgdg-redhat-repo-latest.noarch.rpm     && dnf install -y https://zfsonlinux.org/epel/zfs-release-2-3.el9.noarch.rpm     && dnf -qy module disable postgresql     && dnf install -y         libzfs5-devel         libuuid-devel         libblkid-devel         libtirpc-devel         skopeo         iptables         gcc-toolset-13         bpftool         ca-certificates         clang         curl         createrepo_c         git         gmp-devel         libbpf-devel         libev-devel         libzstd-devel         llvm         llvm-libs         lz4-devel         m4         make         openssl-devel         patch         perl         pkgconfig         postgresql18-devel         protobuf-compiler         protobuf-devel         rpm-build         rpm-sign         rpmdevtools         redhat-rpm-config         rsync         tar         unzip         which         zlib-devel     && dnf clean all     && ldconfig" did not complete successfully: exit code: 1
1016:  Post job cleanup.
...

1049:  ##[group]Cleaning up certificates
1050:  ##[endgroup]
1051:  ##[group]Post cache
1052:  State not set
1053:  ##[endgroup]
1054:  Post job cleanup.
1055:  [command]/usr/bin/git version
1056:  git version 2.53.0
1057:  Temporarily overriding HOME='/home/runner/work/_temp/41c9f9ec-657c-4e1b-8fbe-92aaaf3a9981' before making global git config changes
1058:  Adding repository directory to the temporary git global config as a safe directory
1059:  [command]/usr/bin/git config --global --add safe.directory /home/runner/work/serviceradar/serviceradar
1060:  Removing SSH command configuration
1061:  [command]/usr/bin/git config --local --name-only --get-regexp core\.sshCommand
1062:  [command]/usr/bin/git submodule foreach --recursive sh -c "git config --local --name-only --get-regexp 'core\.sshCommand' && git config --local --unset-all 'core.sshCommand' || :"
1063:  fatal: No url found for submodule path 'swift/FieldSurvey/LocalPackages/arrow-swift' in .gitmodules
1064:  ##[warning]The process '/usr/bin/git' failed with exit code 128
1065:  Cleaning up orphan processes
