carverauto/serviceradar

Fork 0

737 feat docker compose support #2125

Merged

mfreeman451 merged 40 commits from refs/pull/2125/head into main

2025-08-17 08:00:45 +00:00

mfreeman451 commented

2025-08-15 08:04:23 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1523
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523
Original created: 2025-08-15T08:04:23Z
Original updated: 2025-08-17T08:00:48Z
Original head: carverauto/serviceradar:737-feat-docker-compose-support
Original base: main
Original merged: 2025-08-17T08:00:45Z by @mfreeman451

No description provided.

Imported from GitHub pull request. Original GitHub pull request: #1523 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523 Original created: 2025-08-15T08:04:23Z Original updated: 2025-08-17T08:00:48Z Original head: carverauto/serviceradar:737-feat-docker-compose-support Original base: main Original merged: 2025-08-17T08:00:45Z by @mfreeman451 --- _No description provided._

github-advanced-security[bot] commented

2025-08-15 08:05:15 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @github-advanced-security[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278499200
Original created: 2025-08-15T08:05:15Z
Original path: .github/workflows/docker-build.yml
Original line: 41

Workflow does not contain permissions

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}}

Show more details

Imported GitHub PR review comment. Original author: @github-advanced-security[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278499200 Original created: 2025-08-15T08:05:15Z Original path: .github/workflows/docker-build.yml Original line: 41 --- ## Workflow does not contain permissions Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {{contents: read}} [Show more details](https://github.com/carverauto/serviceradar/security/code-scanning/31)

mfreeman451 commented

2025-08-15 08:11:10 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278506394
Original created: 2025-08-15T08:11:10Z
Original path: docker/compose/entrypoint-core.sh
Original line: 91

this needs to go

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278506394 Original created: 2025-08-15T08:11:10Z Original path: docker/compose/entrypoint-core.sh Original line: 91 --- this needs to go

mfreeman451 commented

2025-08-15 08:12:51 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278508657
Original created: 2025-08-15T08:12:51Z
Original path: docker/compose/sweep.docker.json
Original line: 12

need to remove these SR ports

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278508657 Original created: 2025-08-15T08:12:51Z Original path: docker/compose/sweep.docker.json Original line: 12 --- need to remove these SR ports

mfreeman451 commented

2025-08-15 08:13:38 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278509826
Original created: 2025-08-15T08:13:38Z
Original path: packaging/core/config/core.docker.json
Original line: 51

need to change these

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278509826 Original created: 2025-08-15T08:13:38Z Original path: packaging/core/config/core.docker.json Original line: 51 --- need to change these

mfreeman451 commented

2025-08-15 08:13:56 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278510220
Original created: 2025-08-15T08:13:56Z
Original path: packaging/core/config/core.docker.json
Original line: 54

this should be changeme and get updated by the init

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278510220 Original created: 2025-08-15T08:13:56Z Original path: packaging/core/config/core.docker.json Original line: 54 --- this should be changeme and get updated by the init

mfreeman451 commented

2025-08-15 08:18:45 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278516411
Original created: 2025-08-15T08:18:45Z
Original path: docker-compose.yml
Original line: 266

this needs to go

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278516411 Original created: 2025-08-15T08:18:45Z Original path: docker-compose.yml Original line: 266 --- this needs to go

mfreeman451 commented

2025-08-15 08:20:52 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278519470
Original created: 2025-08-15T08:20:52Z
Original path: web/src/lib/config.ts
Original line: 56

this is bad

Imported GitHub PR review comment. Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1523#discussion_r2278519470 Original created: 2025-08-15T08:20:52Z Original path: web/src/lib/config.ts Original line: 56 --- this is bad

gitguardian[bot] commented

2025-08-15 18:26:11 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @gitguardian[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1523#issuecomment-3192377659
Original created: 2025-08-15T18:26:11Z

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

GitGuardian id	GitGuardian status	Secret	Commit	Filename
20222043	Triggered	Generic High Entropy Secret	`dea0c8ebcb`	packaging/core/config/core.docker.json	View secret

🛠 Guidelines to remediate hardcoded secrets

Understand the implications of revoking this secret by investigating where it is used in your code.
Replace and store your secret safely. Learn here the best practices.
Revoke and rotate this secret.
If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

following these best practices for managing and storing secrets including API keys and other credentials
install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.}

Imported GitHub PR comment. Original author: @gitguardian[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1523#issuecomment-3192377659 Original created: 2025-08-15T18:26:11Z --- #### ⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request. Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components. <details> <summary>🔎 Detected hardcoded secret in your pull request</summary> | GitGuardian id | GitGuardian status | Secret | Commit | Filename | | | -------------- | ------------------ | ------------------------------ | ---------------- | --------------- | -------------------- | | [20222043](https://dashboard.gitguardian.com/workspace/312055/incidents/20222043?occurrence=208947294) | Triggered | Generic High Entropy Secret | dea0c8ebcbbfd2138a7d7e7783701beb268ac539 | packaging/core/config/core.docker.json | [View secret](https://github.com/carverauto/serviceradar/commit/dea0c8ebcbbfd2138a7d7e7783701beb268ac539#diff-e8daaf647c9f7582595681307b2d56a0b0436bebb8e9112d9c894cacb3347a1fR51) | </details> <details> <summary>🛠 Guidelines to remediate hardcoded secrets</summary> 1. Understand the implications of revoking this secret by investigating where it is used in your code. 2. Replace and store your secret safely. [Learn here](https://blog.gitguardian.com/secrets-api-management?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) the best practices. 3. Revoke and [rotate this secret](https://docs.gitguardian.com/secrets-detection/secrets-detection-engine/detectors/generics/generic_high_entropy_secret#revoke-the-secret?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment). 4. If possible, [rewrite git history](https://blog.gitguardian.com/rewriting-git-history-cheatsheet?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment). Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data. To avoid such incidents in the future consider - following these [best practices](https://blog.gitguardian.com/secrets-api-management/?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) for managing and storing secrets including API keys and other credentials - install [secret detection on pre-commit](https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) to catch secret before it leaves your machine and ease remediation. </details> --- 🦉 [GitGuardian](https://dashboard.gitguardian.com/auth/login/?utm_medium=checkruns&utm_source=github&utm_campaign=cr1) detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.