-
Notifications
You must be signed in to change notification settings - Fork 15
maintenance/workflows audit #687
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
b7d5cec
6d07526
0b8e6ad
54ab380
43df739
a17225e
289d8d3
5d37420
62c3a74
042425c
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||
|---|---|---|---|---|
| @@ -0,0 +1,34 @@ | ||||
| version: "3.8" | ||||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win
The top-level 🧹 Proposed change-version: "3.8"
-
services:📝 Committable suggestion
Suggested change
🤖 Prompt for AI Agents |
||||
|
|
||||
| services: | ||||
| phlex-dev: | ||||
| build: | ||||
| context: . | ||||
| dockerfile: Dockerfile | ||||
| volumes: | ||||
| - ..:/workspaces/phlex | ||||
| - ../../phlex-coding-guidelines:/workspaces/phlex-coding-guidelines | ||||
| - ../../phlex-design:/workspaces/phlex-design | ||||
| - ../../phlex-examples:/workspaces/phlex-examples | ||||
| - ../../phlex-spack-recipes:/workspaces/phlex-spack-recipes | ||||
| - ${HOME}/.config/gh:/root/.config/gh:ro | ||||
| - ${HOME}/.config/kilo:/root/.config/kilo | ||||
| - ${HOME}/.gnupg:/root/.gnupg | ||||
| - ${HOME}/.podman-proxy/podman.sock:/tmp/podman.sock | ||||
| - phlex-kilo-data:/root/.local/share/kilo | ||||
| - phlex-vscode-user-data:/root/.vscode-server-insiders/data/User | ||||
| env_file: | ||||
| - ${HOME}/.phlex-kilo.env | ||||
| environment: | ||||
| - CMAKE_GENERATOR=Ninja | ||||
| - GH_CONFIG_DIR=/root/.config/gh | ||||
| - DOCKER_HOST=unix:///tmp/podman.sock | ||||
| - CONTAINER_HOST=unix:///tmp/podman.sock | ||||
| - GNUPGHOME=/root/.gnupg | ||||
| user: root | ||||
| tty: true | ||||
| stdin_open: true | ||||
|
|
||||
| volumes: | ||||
| phlex-kilo-data: | ||||
| phlex-vscode-user-data: | ||||
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -169,7 +169,6 @@ fi | |
| HEADROOM_PORT="${HEADROOM_PORT:-9797}" | ||
| HEADROOM_RELAY_PORT=$(( HEADROOM_PORT + 10000 )) | ||
| HEADROOM_LOCAL="127.0.0.1:${HEADROOM_PORT}" | ||
|
|
||
| if ss -tlnp 2>/dev/null | grep -q "127.0.0.1:${HEADROOM_PORT}"; then | ||
| start_socat_relay \ | ||
| "Headroom proxy" \ | ||
|
|
@@ -184,10 +183,22 @@ else | |
| fi | ||
|
|
||
| # Ensure remaining source bind mount points exist. | ||
| ensure_bind_dir "$HOME/.aws" | ||
| ensure_bind_dir "$HOME/.config/"{gh,kilo} | ||
| ensure_bind_dir "$HOME/.gnupg" | ||
| ensure_bind_dir "$HOME/.kiro" | ||
| ensure_bind_dir "$HOME/.vscode-remote-user-data" | ||
|
|
||
| # Generate .env file for the devcontainer to provide KILO_CONFIG_CONTENT | ||
| # to the VS Code plugin. This must be done on the host because the plugin | ||
| # needs this environment variable at server startup. | ||
| ENV_FILE="${HOME}/.phlex-kilo.env" | ||
| : > "${ENV_FILE}" | ||
|
|
||
| if [ -f "${HOME}/.config/kilo/kilo.jsonc" ]; then | ||
| # Replace the baseURL for fnal-litellm specifically. | ||
| # The range /"fnal-litellm"/,/baseURL/ ensures we only modify the correct provider. | ||
| # We avoid stripping comments with sed to prevent corrupting URLs (https://), | ||
| # as the Kilo plugin's JSONC parser handles comments correctly. | ||
| KILO_CONFIG_CONTENT="$(perl -0777 -pe 's|("fnal-litellm".*?)"baseURL":\s*"[^"]*"|$1"baseURL": "http://host.docker.internal:'${HEADROOM_RELAY_PORT}'"|s; s/"[^"]*"(*SKIP)(*F)|\/\/.*//g; s/^\s+//gm; s/\n//g' "${HOME}/.config/kilo/kilo.jsonc")" | ||
| echo "KILO_CONFIG_CONTENT='${KILO_CONFIG_CONTENT}'" > "${ENV_FILE}" | ||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🗄️ Data Integrity & Integration | 🟡 Minor | ⚡ Quick win 🧩 Analysis chain🏁 Script executed: #!/bin/bash
set -euo pipefail
# Map the script around the relevant area.
ast-grep outline .devcontainer/ensure-repos.sh --view expanded || true
# Show the nearby lines with numbers.
sed -n '160,230p' .devcontainer/ensure-repos.sh | cat -n
# Locate any other writes/reads of KILO_CONFIG_CONTENT and ENV_FILE.
rg -n "KILO_CONFIG_CONTENT|ENV_FILE|env_file|compose" .devcontainer/ensure-repos.sh .Repository: Framework-R-D/phlex Length of output: 4021 🌐 Web query:
💡 Result: In Docker Compose, the behavior of interpolation and quoting within files referenced by the Citations:
🌐 Web query:
💡 Result: To handle dollar signs ($) and prevent unwanted variable interpolation in a Docker Compose.env file, use single quotes around the value [1]. When you define a value in an.env file using single quotes (e.g., VAR='$VALUE'), Docker Compose treats the content as a literal string, effectively disabling interpolation for any character sequences like Citations:
🌐 Web query:
💡 Result: In Docker Compose, environment files (.env) support escaping single quotes within single-quoted values using the backslash character () [1][2]. According to official Docker documentation syntax rules for environment files, you can use the following syntax to include an apostrophe or single quote in a variable value [1][2]: VAR='Let's go!' -> Let's go! [1][2] However, be aware that there have been reported issues in certain versions of Docker Compose where the backslash escape character is incorrectly preserved in the final environment variable value (e.g., resulting in Let's go! instead of Let's go!) [3]. Key points regarding.env file parsing in Docker Compose: 1. Quoting behavior: Unlike some older implementations, modern Docker Compose (Compose V2) parses quoted strings [1][2]. Single-quoted values are treated literally, meaning variable expansion (e.g., $VARIABLE) does not occur within them [1][2]. Double-quoted values support parameter expansion and specific shell escape sequences like \n, \r, \t, and \ [1][2]. 2. Specification versus implementation: While the official Docker Compose documentation and the Compose Specification define these rules [1][2], the underlying parsing library can sometimes exhibit behavior that deviates from standard shell expectations or historical versions [4][5][6]. 3. Troubleshooting: If you encounter issues where quotes or escape characters are not being handled as expected, you can verify how your specific version of Docker Compose parses the file by checking the environment variables inside a running container using the env command [3][6]. If strict raw string behavior is required (where values are used exactly as-is without interpolation or special parsing), you may consider using the raw format for env_file if supported in your version [2][5]. Citations:
🏁 Script executed: #!/bin/bash
set -euo pipefail
# Find where the generated env file is consumed.
rg -n "\.phlex-kilo\.env|KILO_CONFIG_CONTENT_DOCKER|KILO_CONFIG_CONTENT" .devcontainer .github . -g '!test/**'
# Show any compose/devcontainer config references if present.
fd -a -t f 'devcontainer.json|compose.yaml|docker-compose.yml|docker-compose.yaml' .Repository: Framework-R-D/phlex Length of output: 900 🌐 Web query:
💡 Result: In Docker Compose, environment files used with the env_file attribute are typically treated as simple key-value pairs and do not perform variable interpolation [1]. While the main.env file (used for Compose file configuration) supports interpolation, the files referenced by the env_file attribute are generally passed directly to the container's environment [1]. If you need a literal dollar sign in an environment file used with env_file, you typically do not need to escape it because the file contents are usually read as literal strings by the container runtime [1]. If you are facing issues with variable expansion, it is important to distinguish where the interpolation is happening: 1. Compose File Interpolation: If you use a dollar sign in your compose.yaml (e.g., environment: - VAR=${MY_VAR}), Compose will attempt to interpolate that value [2][1]. To escape a dollar sign here, you must use a double dollar sign ($$) [2]. 2. Env File Content: If you are setting an environment variable in an.env file or a file referenced by env_file, the contents are generally taken literally by the target process inside the container [1]. If you find that characters are being interpreted, ensure your environment file format matches your expectations (e.g., using quotes if required by your specific shell or application environment) [1]. If you are using tools like dotenv or standard shell sourcing, single quotes are often used to prevent shell expansion, but they are not a universal standard for all env_file implementations [1]. If your specific containerized application is interpreting the file (rather than just setting the environment), check the documentation for that specific application's loader. Citations:
🏁 Script executed: #!/bin/bash
set -euo pipefail
# Inspect the devcontainer files to see how .phlex-kilo.env is consumed.
git ls-files .devcontainerRepository: Framework-R-D/phlex Length of output: 374 🏁 Script executed: #!/bin/bash
set -euo pipefail
# Inspect the compose file that consumes the generated env file.
sed -n '1,120p' .devcontainer/docker-compose.yml | cat -n
# If the file is referenced elsewhere, show those spots too.
rg -n "\.phlex-kilo\.env|env_file|KILO_CONFIG_CONTENT_DOCKER|KILO_CONFIG_CONTENT" .devcontainerRepository: Framework-R-D/phlex Length of output: 2242 🌐 Web query:
💡 Result: According to official Docker Compose documentation, single-quoted (') values in an env_file are intended to be used literally, and quotes can be escaped using a backslash () [1][2][3]. Specifically, the documentation provides the following example for escaping a single quote: VAR='Let's go!' -> Let's go! [1][2][3] However, be aware that there have been reported issues where the backslash escape character was not correctly processed, resulting in the literal string including the backslash (e.g., Let's go!) [4]. This behavior has been addressed in recent versions of Docker Compose (specifically via patches in the compose-go library) to restore support for escaped quoted characters [4]. If you encounter issues with parsing in your specific environment, ensure you are using an up-to-date version of the Docker Compose CLI [5]. If the default parsing continues to cause issues, you may alternatively use the 'raw' format attribute for your env_file, which disables interpolation and parsing entirely, passing the value to the container exactly as it appears in the file [1][6][3]. Example of using raw format: services: webapp: env_file: path:.env format: raw [1][6] top_results: [1][2][3][4] Citations:
🏁 Script executed: #!/bin/bash
set -euo pipefail
# Show the devcontainer compose service and env_file usage.
sed -n '1,120p' .devcontainer/docker-compose.yml | cat -nRepository: Framework-R-D/phlex Length of output: 1449 Escape apostrophes before writing 🤖 Prompt for AI Agents |
||
| fi | ||
|
Copilot marked this conversation as resolved.
|
||
|
|
||
| echo "SUCCESS: .devcontainer/ensure-repos.sh completed successfully" | ||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🩺 Stability & Availability | 🟡 Minor | ⚡ Quick win
🧩 Analysis chain
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 214
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 6227
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 5597
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 744
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 1369
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 197
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 197
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 520
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 5092
🌐 Web query:
Debian apt command line interface unstable use apt-get in scripts official documentation💡 Result:
According to official Debian documentation, the apt command-line interface is designed primarily for interactive end-user use and is not guaranteed to have a stable interface for automated scripts [1][2]. Because the apt command may change its behavior or output format between versions to better suit interactive needs, Debian explicitly recommends using apt-get and apt-cache for scripting purposes [3][1][2]. Key points regarding this distinction include: - Stable Interface: The apt-get and apt-cache commands have a well-defined, stable public interface that provides guaranteed backward compatibility, making them the appropriate choice for shell scripts and automated tasks [4][1][5]. - Interactive Focus: The apt command acts as a high-level wrapper and, while it improves the user experience with features like colorized output or progress bars, it prioritizes interactive usability over script stability [1][2]. - Warning Messages: When used in non-interactive environments (such as pipes or scripts), the apt command may issue a warning stating: "WARNING: apt does not have a stable CLI interface. Use with caution in scripts" [5][6][7]. - Functionality: All core features available in apt are also provided by apt-get and apt-cache [1][2]. Therefore, for consistent and predictable behavior in scripts, developers should rely on the latter tools [3][4].
Citations:
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 157
🏁 Script executed:
Repository: Framework-R-D/phlex
Length of output: 1449
Drop
sudoand useapt-getin this heredocRUNalready executes as root, sosudois redundant here; addcurlto the existing install list instead of a separate step.apt purge/apt autoremoveuse the interactiveaptCLI; switch those toapt-get purge -y ... && apt-get autoremove -yfor Dockerfile scripting.🤖 Prompt for AI Agents