docker fixes #2309

Merged

mfreeman451 merged 1 commit from refs/pull/2309/head into main

2025-10-12 20:45:27 +00:00

mfreeman451 commented

2025-10-12 20:34:51 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #1748
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/1748
Original created: 2025-10-12T20:34:51Z
Original updated: 2025-10-12T20:45:31Z
Original head: carverauto/serviceradar:sysmonvm/integration_tests
Original base: main
Original merged: 2025-10-12T20:45:27Z by @mfreeman451

PR Type

Bug fix, Enhancement

Description

Fixed Next.js static asset linking in standalone bundle
Added public asset flattening for Bazel-packaged files
Updated Kong config command with render-kong subcommand
Improved Kong healthcheck using native kong health command

Diagram Walkthrough

flowchart LR
  A["Next.js Build"] --> B["Static Assets Linking"]
  B --> C["Standalone Bundle"]
  D["Bazel Public Assets"] --> E["Asset Flattening"]
  E --> F["Public Root"]
  G["Kong Config"] --> H["render-kong Command"]
  H --> I["Kong Gateway"]
  I --> J["Health Check"]

File Walkthrough

Relevant files

Bug fix

entrypoint-web.sh `Add Next.js asset linking and public file flattening` docker/compose/entrypoint-web.sh Added symbolic linking of Next.js static assets to standalone bundle directory Implemented flattening of Bazel-packaged public assets from nested structure Added asset flattening for both regular and standalone public directories	+31/-0
BUILD.bazel `Configure prefix stripping for web public asset packaging` docker/images/BUILD.bazel Added `strip_prefix` parameter to `web_public_root_amd64` target Added `strip_prefix` parameter to `web_public_standalone_amd64` target	+2/-0

Enhancement

docker-compose.yml

Update Kong configuration command and healthcheck method

docker-compose.yml

Updated kong-config command to include render-kong subcommand
Changed Kong healthcheck from wget to native kong health command

+2/-2

Imported from GitHub pull request. Original GitHub pull request: #1748 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/1748 Original created: 2025-10-12T20:34:51Z Original updated: 2025-10-12T20:45:31Z Original head: carverauto/serviceradar:sysmonvm/integration_tests Original base: main Original merged: 2025-10-12T20:45:27Z by @mfreeman451 --- ### **PR Type** Bug fix, Enhancement ___ ### **Description** - Fixed Next.js static asset linking in standalone bundle - Added public asset flattening for Bazel-packaged files - Updated Kong config command with `render-kong` subcommand - Improved Kong healthcheck using native `kong health` command ___ ### Diagram Walkthrough ```mermaid flowchart LR A["Next.js Build"] --> B["Static Assets Linking"] B --> C["Standalone Bundle"] D["Bazel Public Assets"] --> E["Asset Flattening"] E --> F["Public Root"] G["Kong Config"] --> H["render-kong Command"] H --> I["Kong Gateway"] I --> J["Health Check"] ``` <details> <summary><h3> File Walkthrough</h3></summary> <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Bug fix</strong></td><td><table> <tr> <td> <details> <summary><strong>entrypoint-web.sh</strong><dd><code>Add Next.js asset linking and public file flattening</code>          </dd></summary> <hr> docker/compose/entrypoint-web.sh <ul><li>Added symbolic linking of Next.js static assets to standalone bundle <br>directory<br> <li> Implemented flattening of Bazel-packaged public assets from nested <br>structure<br> <li> Added asset flattening for both regular and standalone public <br>directories</ul> </details> </td> <td><a href="https://github.com/carverauto/serviceradar/pull/1748/files#diff-cbf60f692a5b524b141bf8b7fcff7abba11038d0b1c5a08378c0fd89e742d74e">+31/-0</a>    </td> </tr> <tr> <td> <details> <summary><strong>BUILD.bazel</strong><dd><code>Configure prefix stripping for web public asset packaging</code></dd></summary> <hr> docker/images/BUILD.bazel <ul><li>Added <code>strip_prefix</code> parameter to <code>web_public_root_amd64</code> target<br> <li> Added <code>strip_prefix</code> parameter to <code>web_public_standalone_amd64</code> target</ul> </details> </td> <td><a href="https://github.com/carverauto/serviceradar/pull/1748/files#diff-0e4db31c224a8f72ae8e870a849e38a59d74a2c7f7b04347b0b3eb07e20c5a80">+2/-0</a>      </td> </tr> </table></td></tr><tr><td><strong>Enhancement</strong></td><td><table> <tr> <td> <details> <summary><strong>docker-compose.yml</strong><dd><code>Update Kong configuration command and healthcheck method</code>  </dd></summary> <hr> docker-compose.yml <ul><li>Updated <code>kong-config</code> command to include <code>render-kong</code> subcommand<br> <li> Changed Kong healthcheck from <code>wget</code> to native <code>kong health</code> command</ul> </details> </td> <td><a href="https://github.com/carverauto/serviceradar/pull/1748/files#diff-e45e45baeda1c1e73482975a664062aa56f20c03dd9d64a827aba57775bed0d3">+2/-2</a>      </td> </tr> </table></td></tr></tr></tbody></table> </details> ___

qodo-code-review[bot] commented

2025-10-12 20:35:16 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1748#issuecomment-3395330416
Original created: 2025-10-12T20:35:16Z

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Unchecked file overwrite Description: Unchecked recursive copy (cp -R) from nested public paths into public roots may overwrite existing files or follow symlinks if present, potentially leading to unintended file replacement or serving of unexpected content. entrypoint-web.sh [104-117] Referred Code # Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then echo "Flattening public assets into ${PUBLIC_ROOT}..." cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then echo "Flattening standalone public assets..." cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" fi
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	No custom compliance provided Follow the guide to enable custom compliance check.

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1748#issuecomment-3395330416 Original created: 2025-10-12T20:35:16Z --- ## PR Compliance Guide 🔍  Below is a summary of compliance checks for this PR:<br> <table><tbody><tr><td colspan='2'><strong>Security Compliance</strong></td></tr> <tr><td rowspan=1>⚪</td> <td><details><summary><strong>Unchecked file overwrite </strong></summary><br> <b>Description:</b> Unchecked recursive copy (cp -R) from nested public paths into public roots may overwrite <br>existing files or follow symlinks if present, potentially leading to unintended file <br>replacement or serving of unexpected content.<br> <strong><a href='https://github.com/carverauto/serviceradar/pull/1748/files#diff-cbf60f692a5b524b141bf8b7fcff7abba11038d0b1c5a08378c0fd89e742d74eR104-R117'>entrypoint-web.sh [104-117]</a></strong><br> <details open><summary>Referred Code</summary> ```shell # Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then echo "Flattening public assets into ${PUBLIC_ROOT}..." cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then echo "Flattening standalone public assets..." cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" fi ``` </details></details></td></tr> <tr><td colspan='2'><strong>Ticket Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary>🎫 <strong>No ticket provided </summary></strong> - [ ] Create ticket/issue  </details></td></tr> <tr><td colspan='2'><strong>Codebase Duplication Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary><strong>Codebase context is not defined </strong></summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/core-abilities/rag_context_enrichment/'>guide</a> to enable codebase context checks. </details></td></tr> <tr><td colspan='2'><strong>Custom Compliance</strong></td></tr> <tr><td>⚪</td><td><details><summary><strong>No custom compliance provided</strong></summary> Follow the <a href='https://qodo-merge-docs.qodo.ai/tools/compliance/'>guide</a> to enable custom compliance check. </details></td></tr> <tr><td align="center" colspan="2">   </td></tr></tbody></table> <details><summary>Compliance status legend</summary> 🟢 - Fully Compliant<br> 🟡 - Partial Compliant<br> 🔴 - Not Compliant<br> ⚪ - Requires Further Human Verification<br> 🏷️ - Compliance label<br> </details>

qodo-code-review[bot] commented

2025-10-12 20:36:09 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @qodo-code-review[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/1748#issuecomment-3395331042
Original created: 2025-10-12T20:36:09Z

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
High-level	Solve asset path issues at build-time The runtime asset flattening scripts in `entrypoint-web.sh` are redundant because the `BUILD.bazel` file already handles this at build-time using `strip_prefix`. These runtime scripts should be removed to create a more efficient and robust container image. Examples: docker/compose/entrypoint-web.sh [104-117] `# Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then echo "Flattening public assets into ${PUBLIC_ROOT}..." cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" ... (clipped 4 lines)` docker/images/BUILD.bazel [948-955] `strip_prefix = "web/public_flat", ) pkg_tar( name = "web_public_standalone_amd64", srcs = ["//web:public_flat"], package_dir = "/app/.next/standalone/public", strip_prefix = "web/public_flat",` Solution Walkthrough: Before: # In docker/compose/entrypoint-web.sh # ... # Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" fi exec "$@" After: # In docker/compose/entrypoint-web.sh # ... # The runtime asset flattening logic is removed. # This is now handled at build-time via `strip_prefix` in the # `BUILD.bazel` file, making the container startup more efficient. exec "$@" Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies that the runtime `cp` commands in `entrypoint-web.sh` are redundant due to the build-time `strip_prefix` changes in `BUILD.bazel`, proposing a significant improvement for efficiency and build correctness.	High
General	Remove redundant asset flattening logic Remove the redundant asset flattening logic from `entrypoint-web.sh`. This functionality is now handled at build time by the `strip_prefix` attribute in the `BUILD.bazel` file. docker/compose/entrypoint-web.sh [104-117] -# Flatten Bazel-packaged public assets that land under web/public_flat. -PUBLIC_ROOT="/app/public" -NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" -if [ -d "${NESTED_PUBLIC}" ]; then - echo "Flattening public assets into ${PUBLIC_ROOT}..." - cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" -fi +# The logic for flattening public assets has been removed as it is now +# handled by the `strip_prefix` attribute in the `pkg_tar` rules +# in `docker/images/BUILD.bazel`. -STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" -NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" -if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then - echo "Flattening standalone public assets..." - cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" -fi - Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies that the shell script logic for flattening assets is made redundant by the `strip_prefix` change in `BUILD.bazel`, thus removing dead code added in this PR.	Medium
More

Imported GitHub PR comment. Original author: @qodo-code-review[bot] Original URL: https://github.com/carverauto/serviceradar/pull/1748#issuecomment-3395331042 Original created: 2025-10-12T20:36:09Z --- ## PR Code Suggestions ✨  Explore these optional code suggestions: <table><thead><tr><td><strong>Category</strong></td><td align=left><strong>Suggestion                                                                                                                                    </strong></td><td align=center><strong>Impact</strong></td></tr><tbody><tr><td rowspan=1>High-level</td> <td> <details><summary>Solve asset path issues at build-time</summary> ___ **The runtime asset flattening scripts in <code>entrypoint-web.sh</code> are redundant because <br>the <code>BUILD.bazel</code> file already handles this at build-time using <code>strip_prefix</code>. <br>These runtime scripts should be removed to create a more efficient and robust <br>container image.** ### Examples: <details> <summary> <a href="https://github.com/carverauto/serviceradar/pull/1748/files#diff-cbf60f692a5b524b141bf8b7fcff7abba11038d0b1c5a08378c0fd89e742d74eR104-R117">docker/compose/entrypoint-web.sh [104-117]</a> </summary> ```bash # Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then echo "Flattening public assets into ${PUBLIC_ROOT}..." cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" ... (clipped 4 lines) ``` </details> <details> <summary> <a href="https://github.com/carverauto/serviceradar/pull/1748/files#diff-0e4db31c224a8f72ae8e870a849e38a59d74a2c7f7b04347b0b3eb07e20c5a80R948-R955">docker/images/BUILD.bazel [948-955]</a> </summary> ```starlark strip_prefix = "web/public_flat", ) pkg_tar( name = "web_public_standalone_amd64", srcs = ["//web:public_flat"], package_dir = "/app/.next/standalone/public", strip_prefix = "web/public_flat", ``` </details> ### Solution Walkthrough: #### Before: ```starlark # In docker/compose/entrypoint-web.sh # ... # Flatten Bazel-packaged public assets that land under web/public_flat. PUBLIC_ROOT="/app/public" NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_PUBLIC}" ]; then cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" fi STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" fi exec "$@" ``` #### After: ```starlark # In docker/compose/entrypoint-web.sh # ... # The runtime asset flattening logic is removed. # This is now handled at build-time via `strip_prefix` in the # `BUILD.bazel` file, making the container startup more efficient. exec "$@" ``` <details><summary>Suggestion importance[1-10]: 9</summary> __ Why: The suggestion correctly identifies that the runtime `cp` commands in `entrypoint-web.sh` are redundant due to the build-time `strip_prefix` changes in `BUILD.bazel`, proposing a significant improvement for efficiency and build correctness. </details></details></td><td align=center>High </td></tr><tr><td rowspan=1>General</td> <td> <details><summary>Remove redundant asset flattening logic</summary> ___ **Remove the redundant asset flattening logic from <code>entrypoint-web.sh</code>. This <br>functionality is now handled at build time by the <code>strip_prefix</code> attribute in the <br><code>BUILD.bazel</code> file.** [docker/compose/entrypoint-web.sh [104-117]](https://github.com/carverauto/serviceradar/pull/1748/files#diff-cbf60f692a5b524b141bf8b7fcff7abba11038d0b1c5a08378c0fd89e742d74eR104-R117) ```diff -# Flatten Bazel-packaged public assets that land under web/public_flat. -PUBLIC_ROOT="/app/public" -NESTED_PUBLIC="${PUBLIC_ROOT}/web/public_flat" -if [ -d "${NESTED_PUBLIC}" ]; then - echo "Flattening public assets into ${PUBLIC_ROOT}..." - cp -R "${NESTED_PUBLIC}/." "${PUBLIC_ROOT}/" -fi +# The logic for flattening public assets has been removed as it is now +# handled by the `strip_prefix` attribute in the `pkg_tar` rules +# in `docker/images/BUILD.bazel`. -STANDALONE_PUBLIC_ROOT="/app/.next/standalone/public" -NESTED_STANDALONE_PUBLIC="${STANDALONE_PUBLIC_ROOT}/web/public_flat" -if [ -d "${NESTED_STANDALONE_PUBLIC}" ]; then - echo "Flattening standalone public assets..." - cp -R "${NESTED_STANDALONE_PUBLIC}/." "${STANDALONE_PUBLIC_ROOT}/" -fi - ``` - [ ] **Apply / Chat**  <details><summary>Suggestion importance[1-10]: 7</summary> __ Why: The suggestion correctly identifies that the shell script logic for flattening assets is made redundant by the `strip_prefix` change in `BUILD.bazel`, thus removing dead code added in this PR. </details></details></td><td align=center>Medium </td></tr> <tr><td align="center" colspan="2"> - [ ] More  </td><td></td></tr></tbody></table>