Update/wasm updates plugins #3084

Merged

mfreeman451 merged 19 commits from refs/pull/3084/head into staging

2026-03-27 16:36:08 +00:00

mfreeman451 commented

2026-03-26 05:11:39 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #3086
Original author: @mfreeman451
Original URL: https://github.com/carverauto/serviceradar/pull/3086
Original created: 2026-03-26T05:11:39Z
Original updated: 2026-03-27T16:36:10Z
Original head: carverauto/serviceradar:update/wasm-updates-plugins
Original base: staging
Original merged: 2026-03-27T16:36:08Z by @mfreeman451

IMPORTANT: Please sign the Developer Certificate of Origin

Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include
a DCO sign-off statement indicating the DCO acceptance in one commit message. Here
is an example DCO Signed-off-by line in a commit message:

Signed-off-by: J. Doe <j.doe@domain.com>

Describe your changes

Issue ticket number and link

Code checklist before requesting a review

I have signed the DCO?
The build completes without errors?
All tests are passing when running make test?

Imported from GitHub pull request. Original GitHub pull request: #3086 Original author: @mfreeman451 Original URL: https://github.com/carverauto/serviceradar/pull/3086 Original created: 2026-03-26T05:11:39Z Original updated: 2026-03-27T16:36:10Z Original head: carverauto/serviceradar:update/wasm-updates-plugins Original base: staging Original merged: 2026-03-27T16:36:08Z by @mfreeman451 --- ## IMPORTANT: Please sign the Developer Certificate of Origin Thank you for your contribution to ServiceRadar. Please note, when contributing, the developer must include a [DCO sign-off statement]( https://developercertificate.org/) indicating the DCO acceptance in one commit message. Here is an example DCO Signed-off-by line in a commit message: ``` Signed-off-by: J. Doe <j.doe@domain.com> ``` ## Describe your changes ## Issue ticket number and link ## Code checklist before requesting a review - [ ] I have signed the DCO? - [ ] The build completes without errors? - [ ] All tests are passing when running make test?

Copilot commented

2026-03-26 05:17:23 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @Copilot
Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2992538259
Original created: 2026-03-26T05:17:23Z
Original path: helm/serviceradar/templates/gobgp.yaml
Original line: 71

gobgpd typically listens on the standard BGP TCP port 179 unless configured otherwise. With runAsNonRoot: true, runAsUser: 1001, and all Linux capabilities dropped, the container may fail to bind to 179 (privileged port), breaking BGP peering. Consider either configuring gobgpd to use a non-privileged listen port, or add NET_BIND_SERVICE (e.g., via the existing serviceradar.bindServiceContainerSecurityContext helper) when BGP listening is required.

Imported GitHub PR review comment. Original author: @Copilot Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2992538259 Original created: 2026-03-26T05:17:23Z Original path: helm/serviceradar/templates/gobgp.yaml Original line: 71 --- `gobgpd` typically listens on the standard BGP TCP port 179 unless configured otherwise. With `runAsNonRoot: true`, `runAsUser: 1001`, and all Linux capabilities dropped, the container may fail to bind to 179 (privileged port), breaking BGP peering. Consider either configuring gobgpd to use a non-privileged listen port, or add `NET_BIND_SERVICE` (e.g., via the existing `serviceradar.bindServiceContainerSecurityContext` helper) when BGP listening is required.

Copilot commented

2026-03-26 05:17:23 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @Copilot
Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2992538279
Original created: 2026-03-26T05:17:23Z
Original path: elixir/serviceradar_core/test/serviceradar/sweep_jobs/sweep_results_flow_e2e_test.exs
Original line: 433

Ash.Changeset.for_create/4 is being called with actor: actor twice in the options list. This is redundant and can be confusing during future edits; remove the duplicate key so it’s unambiguous which actor is intended.

Imported GitHub PR review comment. Original author: @Copilot Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2992538279 Original created: 2026-03-26T05:17:23Z Original path: elixir/serviceradar_core/test/serviceradar/sweep_jobs/sweep_results_flow_e2e_test.exs Original line: 433 --- `Ash.Changeset.for_create/4` is being called with `actor: actor` twice in the options list. This is redundant and can be confusing during future edits; remove the duplicate key so it’s unambiguous which actor is intended. ```suggestion ```

github-advanced-security[bot] commented

2026-03-26 14:52:35 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR review comment.

Original author: @github-advanced-security[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2995563918
Original created: 2026-03-26T14:52:35Z
Original path: go/pkg/agent/camera_relay_rtsp.go
Original line: 195

Disabled TLS certificate check

InsecureSkipVerify should not be used in production code.

Show more details

Imported GitHub PR review comment. Original author: @github-advanced-security[bot] Original URL: https://github.com/carverauto/serviceradar/pull/3086#discussion_r2995563918 Original created: 2026-03-26T14:52:35Z Original path: go/pkg/agent/camera_relay_rtsp.go Original line: 195 --- ## Disabled TLS certificate check InsecureSkipVerify should not be used in production code. [Show more details](https://github.com/carverauto/serviceradar/security/code-scanning/102)