feat(deploy): add healthchecks to docker, docker compose, podman quadlet, and helm chart

[thibaultamartin]

Description

This PR adds healthchecks in the OCI image and the various deployments that rely on it, namely docker-compose, podman quadlets, and helm chart.

It doesn't fine tune default values and reuses the ones in the pre-existing docker-compose.

Linked Issue

Fixes #1134

Changes

• Change the global health check command to wget -q --spider http://localhost:6060/api/v1/healthcheck to avoid littering the logs with json
• Add HEALTHCHECK instruction in Dockerfile
• Comment out healthcheck: override in docker-compose.yaml
• Update the HealthCmd command in podman/quadlet/grimmory.container for consistency
• Add startupProbe, livenessProbe, and readinessProbe in the helm chart (both in values.yaml and templates/deployment.yaml)

Manual Testing Steps

Admittedly, I only tested the helm chart deployment, without rebuilding the Docker image.

Screenshots (Optional)

Additional Context (Optional)

AI Disclosure

None

Checklist

• This PR links and implements an accepted issue.
• This PR is a single focused change. <---- I think?
• There are new or updated tests validating this change.
• I ran just ui check and just api check.
• I have added screenshots if there were any UI changes.
• I have disclosed any AI usage as per the organization AI Policy above.
• I understand all of my submitted changes.

Summary by CodeRabbit

• Reliability Improvements
  • Added a container HEALTHCHECK that probes the app health endpoint.
  • Standardized probes to HTTP GET health checks and tuned timing/retry settings across deployments.
  • Added an optional startup probe for the application to improve startup handling.
  • Replaced an active Compose healthcheck with a commented template to allow opt-in or disablement.

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds and standardizes HTTP health checks across deployment artifacts: Dockerfile ENV/HEALTHCHECK added; Podman quadlet HealthCmd switched to spider mode; Helm values switched probes to HTTP and added startupProbe with template support; Compose grimmory healthcheck removed and left as commented templates.

Changes

Unified Healthcheck updates

Layer / File(s)	Summary
Probe schema / values deploy/helm/grimmory/values.yaml	Replaces TCP socket probes with httpGet checks against /api/v1/healthcheck (port: http); adds failureThreshold, periodSeconds, timeoutSeconds; introduces startupProbe (HTTP, periodSeconds: 30).
Helm template wiring deploy/helm/grimmory/templates/deployment.yaml	Conditionally renders .Values.startupProbe into the container spec (via toYaml) placed before liveness/readiness probes.
Container image runtime Dockerfile	Adds a final-image ENV BOOKLORE_PORT and HEALTHCHECK using wget -q --spider http://localhost:${BOOKLORE_PORT}/api/v1/healthcheck with configured interval/timeout/start-period/retries.
Podman unit deploy/podman/quadlet/grimmory.container	Updates HealthCmd from wget -q -O - http://localhost:6060/api/v1/healthcheck to wget -q --spider http://localhost:6060/api/v1/healthcheck.
Compose runtime (disabled) deploy/compose/docker-compose.yml	Removes active grimmory service healthcheck block and adds a commented-out healthcheck template; healthchecks effectively disabled in compose file.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

feature

Suggested reviewers

• imnotjames
• balazs-szucs
• zachyale

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title follows the conventional commit format with 'feat' type and 'deploy' scope, clearly summarizing the main change of adding healthchecks across multiple deployment platforms.
Description check	✅ Passed	The description covers all required sections: Description, Linked Issue, Changes, Manual Testing Steps, AI Disclosure, and Checklist. While manual testing was limited to helm chart only, all required sections are present.
Linked Issues check	✅ Passed	The PR successfully implements all coding objectives from issue #1134: adds HTTP-based healthcheck endpoint, implements startupProbe/livenessProbe/readinessProbe for Kubernetes, and provides equivalent checks for Docker/docker-compose/Podman.
Out of Scope Changes check	✅ Passed	All changes are directly related to adding healthchecks as defined in issue #1134. No unrelated modifications to unrelated components or functionality were introduced.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

✨ Simplify code

• Create PR with simplified code

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@deploy/compose/docker-compose.yml`:
- Around line 36-42: Update grimmory-docs/docs/installation.md to reflect the
Compose file's new healthcheck policy: note that the docker-compose.yml now only
includes a commented "override-only" healthcheck block (the healthcheck:
test/interval/retries/start_period/timeout stanza) and that the project uses the
new probe-style readiness/liveness mechanism instead of the old active
wget-based check; replace the old active compose healthcheck example/command
with the commented override example and add a short example showing how to
supply an override healthcheck or configure the new probe style (mention the
healthcheck stanza and the probe endpoints used by the service).

In `@deploy/helm/grimmory/values.yaml`:
- Around line 94-109: Probes currently hardcode port 6060 in the httpGet blocks
causing desync with .Values.service.port; update the livenessProbe,
readinessProbe (and the first httpGet block) to reference the container named
port "http" instead of the numeric 6060 (i.e., set httpGet.port to the string
"http") so probes follow the container port mapping tied to {{
.Values.service.port }}.

In `@Dockerfile`:
- Around line 119-120: The HEALTHCHECK currently hardcodes port 6060; update the
Dockerfile HEALTHCHECK command to use the BOOKLORE_PORT environment variable
instead so runtime overrides are honored: modify the HEALTHCHECK line (the
existing HEALTHCHECK --interval=... CMD ...) to reference $BOOKLORE_PORT (or
${BOOKLORE_PORT}) in the URL
(http://localhost:$BOOKLORE_PORT/api/v1/healthcheck) and ensure BOOKLORE_PORT is
declared via ENV or passed at runtime so the health probe targets the correct
port.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 1b361cbe-1c2c-49f5-94cd-606bf1fac81a

📥 Commits

Reviewing files that changed from the base of the PR and between 2dcbfd1 and 9e47295.

📒 Files selected for processing (5)

• Dockerfile
• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/templates/deployment.yaml
• deploy/helm/grimmory/values.yaml
• deploy/podman/quadlet/grimmory.container

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Test Suite / Backend Tests

🧰 Additional context used

📓 Path-based instructions (2)

**/*

⚙️ CodeRabbit configuration file

**/*: This project is being developed using current and future-facing technologies:

• Java 25 with --enable-preview (preview features are INTENTIONAL and encouraged)
• Spring Boot 4 (latest major version, check APIs accordingly)
• Jackson 3 (new package: tools.jackson.* instead of com.fasterxml.jackson.*)
• Hibernate 7.3.x (Jakarta Persistence 3.2, new APIs; avoid deprecated Hibernate 5/6 patterns)
• Angular 21 (signals-based reactivity, no NgModules unless legacy)

Grimmory Internal Tools

• epub4j and pdfium4j are our own internal tools developed by the Grimmory team.
• Always verify behavior and API changes against the upstream repositories:
  • epub4j: https://github.com/grimmory-tools/epub4j
  • pdfium4j: https://github.com/grimmory-tools/pdfium4j
• If you encounter issues with these libraries, check if a fix exists in the upstream grimmory-tools organization.

Metadata Standards and Compliance

• For all metadata writing and parsing logic, double-check against Dublin Core and ANSI standards to ensure perfect official compliance.
• We strictly follow the widespread and official XML-compliant methods for EPUB2, EPUB3, CBX, and PDF formats.

General Java and Spring rules

• ALWAYS prefer modern, idiomatic Java 25 constructs over legacy patterns.
• Preview features (--enable-preview) are enabled and intentional; do NOT flag them as risky unless there is a concrete runtime issue.
• Prefer: records, sealed classes/interfaces, pattern matching (switch expressions, instanceof), structured concurrency (StructuredTaskScope), scoped values, string templates, unnamed patterns/variables.
• Prefer virtual threads (Thread.ofVirtual(), Executors.newVirtualThreadPerTaskExecutor()) over platform threads for I/O-bound work.
• Prefer the new Sequenced Collections API (SequencedCollection, SequencedMap) where applicable.
• Prefer var for local variables when the type is obvious from context.
• Use stream().toList() instead of stream().collect(Collectors.toList()) for imm...

Files:

• deploy/podman/quadlet/grimmory.container
• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/values.yaml
• Dockerfile
• deploy/helm/grimmory/templates/deployment.yaml

**/Dockerfile*

⚙️ CodeRabbit configuration file

**/Dockerfile*: Dockerfile review:

• Prefer multi-stage builds (builder + runtime).
• Use non-root USER in the final stage.
• Pin base image versions (e.g., eclipse-temurin:25-jre-noble).
• Flag secrets or credentials embedded in the image.
• Ensure --enable-preview JVM flag is carried into ENTRYPOINT/CMD if required at runtime.

Files:

• Dockerfile

🔀 Multi-repo context grimmory-tools/grimmory-docs

[::grimmory-tools/grimmory-docs::] docs/installation.md:113-118

• Documentation includes a docker-compose healthcheck example using the old command:
  test: ["CMD-SHELL", "wget -q -O - http://localhost:6060/api/v1/healthcheck || exit 1"]
  interval: 10s, timeout: 2s, retries: 5, start_period: 10s
• PR changes the global healthcheck to use wget -q --spider ... and comments out the compose healthcheck. The docs were not updated to reflect the new --spider form nor the commented-out/removed compose healthcheck.

🔇 Additional comments (2)

deploy/podman/quadlet/grimmory.container (1)

23-23: Good alignment with image-level behavior.

Using wget -q --spider here is consistent with the Docker healthcheck strategy and avoids noisy response-body output.

deploy/helm/grimmory/templates/deployment.yaml (1)

78-81: Startup probe templating is correctly wired.

The conditional startupProbe render path is consistent with existing probe blocks and integrates cleanly.

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@deploy/compose/docker-compose.yml`:
- Line 38: The commented wget healthcheck line uses "wget --spider" without the
quiet flag; update that commented template to use "wget -q --spider" so it
matches the Dockerfile HEALTHCHECK and quadlet HealthCmd and avoids emitting
connection progress to stderr when users copy the block.

In `@deploy/helm/grimmory/values.yaml`:
- Around line 93-98: The startupProbe timeout is likely too short for a JVM
Spring Boot app running Flyway migrations; increase the probe budget by raising
startupProbe.failureThreshold from 5 to a larger value (e.g., 10 or 20) and/or
adjust startupProbe.periodSeconds if needed so the container gets ~300–600s to
start; update the startupProbe block (inspect the startupProbe,
failureThreshold, periodSeconds and httpGet.path /api/v1/healthcheck entries) to
use the new values so slow startups on resource-constrained nodes won’t trigger
premature restarts.
- Around line 92-110: The probes (startupProbe, livenessProbe, readinessProbe)
lack timeoutSeconds and thus use the 1s Kubernetes default which is too short
for a JVM Spring Boot app; update each probe block (startupProbe, livenessProbe,
readinessProbe) to add timeoutSeconds: 5 so HTTP GET `/api/v1/healthcheck` has a
5-second timeout to avoid spurious failures under GC/CPU pressure.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: 56c461a6-37c9-45ce-beb7-5da97838bc7f

📥 Commits

Reviewing files that changed from the base of the PR and between bed83fc and 488c6e8.

📒 Files selected for processing (4)

• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/templates/deployment.yaml
• deploy/helm/grimmory/values.yaml
• deploy/podman/quadlet/grimmory.container

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Test Suite / Backend Tests
• GitHub Check: Test Suite / Frontend Tests
• GitHub Check: Analyze (javascript-typescript)
• GitHub Check: Analyze (java-kotlin)
• GitHub Check: Frontend Lint Threshold Check

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: This project is being developed using current and future-facing technologies:

• Java 25 with --enable-preview (preview features are INTENTIONAL and encouraged)
• Spring Boot 4 (latest major version, check APIs accordingly)
• Jackson 3 (new package: tools.jackson.* instead of com.fasterxml.jackson.*)
• Hibernate 7.3.x (Jakarta Persistence 3.2, new APIs; avoid deprecated Hibernate 5/6 patterns)
• Angular 21 (signals-based reactivity, no NgModules unless legacy)

Grimmory Internal Tools

• epub4j and pdfium4j are our own internal tools developed by the Grimmory team.
• Always verify behavior and API changes against the upstream repositories:
  • epub4j: https://github.com/grimmory-tools/epub4j
  • pdfium4j: https://github.com/grimmory-tools/pdfium4j
• If you encounter issues with these libraries, check if a fix exists in the upstream grimmory-tools organization.

Metadata Standards and Compliance

• For all metadata writing and parsing logic, double-check against Dublin Core and ANSI standards to ensure perfect official compliance.
• We strictly follow the widespread and official XML-compliant methods for EPUB2, EPUB3, CBX, and PDF formats.

General Java and Spring rules

• ALWAYS prefer modern, idiomatic Java 25 constructs over legacy patterns.
• Preview features (--enable-preview) are enabled and intentional; do NOT flag them as risky unless there is a concrete runtime issue.
• Prefer: records, sealed classes/interfaces, pattern matching (switch expressions, instanceof), structured concurrency (StructuredTaskScope), scoped values, string templates, unnamed patterns/variables.
• Prefer virtual threads (Thread.ofVirtual(), Executors.newVirtualThreadPerTaskExecutor()) over platform threads for I/O-bound work.
• Prefer the new Sequenced Collections API (SequencedCollection, SequencedMap) where applicable.
• Prefer var for local variables when the type is obvious from context.
• Use stream().toList() instead of stream().collect(Collectors.toList()) for imm...

Files:

• deploy/helm/grimmory/templates/deployment.yaml
• deploy/helm/grimmory/values.yaml
• deploy/podman/quadlet/grimmory.container
• deploy/compose/docker-compose.yml

🔀 Multi-repo context grimmory-tools/grimmory-docs

grimmory-tools/grimmory-docs

• docs/installation.md contains an active Docker Compose healthcheck example that uses the old wget form (prints body):
  • healthcheck block and example present around lines ~113–118 and the compose snippet earlier in the file. [::grimmory-tools/grimmory-docs::docs/installation.md:113-118]

Relevance: Documentation still shows the previous command (wget -q -O - http://localhost:6060/api/v1/healthcheck) and an enabled compose healthcheck, which conflicts with the PR changes that switch to wget --spider and comment out the compose healthcheck.

🔇 Additional comments (2)

deploy/podman/quadlet/grimmory.container (1)

23-23: LGTM!

Switching to wget -q --spider correctly performs a no-output HEAD-style probe, eliminating the JSON body from container logs.

deploy/helm/grimmory/templates/deployment.yaml (1)

78-81: LGTM!

The startupProbe conditional block is consistent with how livenessProbe and readinessProbe are already handled, and correct placement before those probes ensures Kubernetes disables them until startup succeeds.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

deploy/helm/grimmory/values.yaml (1)

93-99: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

startupProbe window of 150 s is likely too short for a JVM + Spring Boot 4 + Flyway app.

failureThreshold: 5 × periodSeconds: 30 = 150 seconds before Kubernetes kills and restarts the container. This was flagged in a prior review but remains unchanged.

The official Kubernetes example for slow-starting applications uses failureThreshold: 30 with periodSeconds: 10, giving the container a maximum of 5 minutes (300 s) to finish startup. JVM applications are notorious for slow startup times, and this app also runs Flyway DB migrations after the init container unblocks. A safe starting point recommended for Spring Boot services is failureThreshold: 30 with periodSeconds: 10 and timeoutSeconds: 5, allowing up to 5 minutes for a cold start.

Consider at minimum failureThreshold: 10 (300 s) or higher for resource-constrained nodes.

🛡️ Proposed fix

 startupProbe:
   httpGet:
     path: /api/v1/healthcheck
     port: http
-  failureThreshold: 5
-  periodSeconds: 30
+  failureThreshold: 10
+  periodSeconds: 30
   timeoutSeconds: 5

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@deploy/helm/grimmory/values.yaml` around lines 93 - 99, The startupProbe
timings are too short for a JVM + Spring Boot 4 + Flyway app: update the
startupProbe settings in the values.yaml (the startupProbe block containing
httpGet, failureThreshold, periodSeconds, timeoutSeconds) to allow a longer
cold-start window — set failureThreshold: 30 and periodSeconds: 10 with
timeoutSeconds: 5 (or at minimum increase failureThreshold to 10 if you need a
smaller change) so Kubernetes will allow up to ~5 minutes for startup before
restarting the container.

deploy/compose/docker-compose.yml (1)

36-46: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Linked-repo docs still reference the old healthcheck command.

According to the linked repository context, grimmory-tools/grimmory-docs/docs/installation.md (around lines 113–118) still shows wget -q -O - http://localhost:6060/api/v1/healthcheck and an active (non-commented) healthcheck block, which conflicts with both the switch to --spider and the compose healthcheck now being commented out. Users following the installation docs would get divergent behavior.

Please verify whether the grimmory-docs update landed — or open a follow-up PR in that repo to replace the old command with the new --spider form and reflect the "commented override" pattern introduced here.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@deploy/compose/docker-compose.yml` around lines 36 - 46, Docs and compose
disagree on the healthcheck: update the documentation in
grimmory-docs/docs/installation.md to match the docker-compose.yml change by
replacing the old wget command `wget -q -O -
http://localhost:6060/api/v1/healthcheck` with the new `wget -q --spider
http://localhost:6060/api/v1/healthcheck` and also change the example
healthcheck block in the docs to show the commented-override pattern (i.e., show
the healthcheck block commented out with the same commented fields as in
docker-compose.yml); if the docs repo has not been updated here, open a
follow-up PR in that repo applying these exact edits and mention this compose
change so users see consistent instructions.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@deploy/helm/grimmory/values.yaml`:
- Around line 107-113: The readinessProbe is pointed at /api/v1/healthcheck
which always returns 200 from HealthcheckController and won't fail when the DB
is down; update the readiness probe to use an endpoint that reflects DB
readiness (either enable and point to Spring Boot Actuator
/actuator/health/readiness which includes DB indicators, or modify
HealthcheckController's /api/v1/healthcheck to perform a simple DB connectivity
check such as a JDBC ping/SELECT 1 and return non-200 when the DB is
unreachable) and change the readinessProbe target accordingly.

---

Duplicate comments:
In `@deploy/compose/docker-compose.yml`:
- Around line 36-46: Docs and compose disagree on the healthcheck: update the
documentation in grimmory-docs/docs/installation.md to match the
docker-compose.yml change by replacing the old wget command `wget -q -O -
http://localhost:6060/api/v1/healthcheck` with the new `wget -q --spider
http://localhost:6060/api/v1/healthcheck` and also change the example
healthcheck block in the docs to show the commented-override pattern (i.e., show
the healthcheck block commented out with the same commented fields as in
docker-compose.yml); if the docs repo has not been updated here, open a
follow-up PR in that repo applying these exact edits and mention this compose
change so users see consistent instructions.

In `@deploy/helm/grimmory/values.yaml`:
- Around line 93-99: The startupProbe timings are too short for a JVM + Spring
Boot 4 + Flyway app: update the startupProbe settings in the values.yaml (the
startupProbe block containing httpGet, failureThreshold, periodSeconds,
timeoutSeconds) to allow a longer cold-start window — set failureThreshold: 30
and periodSeconds: 10 with timeoutSeconds: 5 (or at minimum increase
failureThreshold to 10 if you need a smaller change) so Kubernetes will allow up
to ~5 minutes for startup before restarting the container.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: f45d20e9-384e-4b0d-8ff0-d7df46a354bc

📥 Commits

Reviewing files that changed from the base of the PR and between 488c6e8 and ac89fdd.

📒 Files selected for processing (4)

• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/templates/deployment.yaml
• deploy/helm/grimmory/values.yaml
• deploy/podman/quadlet/grimmory.container

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Test Suite / Backend Tests
• GitHub Check: Test Suite / Frontend Tests
• GitHub Check: Analyze (java-kotlin)
• GitHub Check: Analyze (javascript-typescript)
• GitHub Check: Frontend Lint Threshold Check

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: This project is being developed using current and future-facing technologies:

• Java 25 with --enable-preview (preview features are INTENTIONAL and encouraged)
• Spring Boot 4 (latest major version, check APIs accordingly)
• Jackson 3 (new package: tools.jackson.* instead of com.fasterxml.jackson.*)
• Hibernate 7.3.x (Jakarta Persistence 3.2, new APIs; avoid deprecated Hibernate 5/6 patterns)
• Angular 21 (signals-based reactivity, no NgModules unless legacy)

Grimmory Internal Tools

• epub4j and pdfium4j are our own internal tools developed by the Grimmory team.
• Always verify behavior and API changes against the upstream repositories:
  • epub4j: https://github.com/grimmory-tools/epub4j
  • pdfium4j: https://github.com/grimmory-tools/pdfium4j
• If you encounter issues with these libraries, check if a fix exists in the upstream grimmory-tools organization.

Metadata Standards and Compliance

• For all metadata writing and parsing logic, double-check against Dublin Core and ANSI standards to ensure perfect official compliance.
• We strictly follow the widespread and official XML-compliant methods for EPUB2, EPUB3, CBX, and PDF formats.

General Java and Spring rules

• ALWAYS prefer modern, idiomatic Java 25 constructs over legacy patterns.
• Preview features (--enable-preview) are enabled and intentional; do NOT flag them as risky unless there is a concrete runtime issue.
• Prefer: records, sealed classes/interfaces, pattern matching (switch expressions, instanceof), structured concurrency (StructuredTaskScope), scoped values, string templates, unnamed patterns/variables.
• Prefer virtual threads (Thread.ofVirtual(), Executors.newVirtualThreadPerTaskExecutor()) over platform threads for I/O-bound work.
• Prefer the new Sequenced Collections API (SequencedCollection, SequencedMap) where applicable.
• Prefer var for local variables when the type is obvious from context.
• Use stream().toList() instead of stream().collect(Collectors.toList()) for imm...

Files:

• deploy/helm/grimmory/templates/deployment.yaml
• deploy/podman/quadlet/grimmory.container
• deploy/helm/grimmory/values.yaml
• deploy/compose/docker-compose.yml

🔀 Multi-repo context grimmory-tools/grimmory-docs

grimmory-tools/grimmory-docs

• docs/installation.md contains an active Docker Compose healthcheck example that uses the old wget form (prints body):
  • healthcheck block and example present around lines ~113–118 and the compose snippet earlier in the file. [::grimmory-tools/grimmory-docs::docs/installation.md:113-118]

Relevance: Documentation still shows the previous command (wget -q -O - http://localhost:6060/api/v1/healthcheck) and an enabled compose healthcheck, which conflicts with the PR changes that switch to wget --spider and comment out the compose healthcheck.

🔇 Additional comments (2)

deploy/podman/quadlet/grimmory.container (1)

23-23: LGTM — consistent and correct.

wget -q --spider matches the Dockerfile HEALTHCHECK and the docker-compose override template, making the probe behavior uniform across all runtimes.

deploy/helm/grimmory/templates/deployment.yaml (1)

78-81: LGTM — correct and idiomatic Helm.

The {{- with .Values.startupProbe }} / toYaml . | nindent 12 pattern is identical to the existing livenessProbe and readinessProbe blocks, the indentation is correct, and the conditional correctly allows users to disable the probe by nulling out the value in their override.

[obviouslyallie]

Does this need to be updated in the readme and the doc page as well?

[thibaultamartin]

I'm not sure this needs to be updated in the README or docs, since this makes the healthcheck section of the docker-compose.yml file optional, but it doesn't hurt to add it.

Maybe it would make sense to drop it from the examples to keep the docker-compose minimal, since both point to the more complete version in the repo?

[thibaultamartin]

I might be overengineering it, but I think it would also make sense to make the CI open a PR against grimmory-tools/grimmory-docs when a change is detected in deploy/compose/docker-compose.yaml to keep docs examples up to date when the compose file is updated. But that would be for a separate PR.

[imnotjames]

I might be overengineering it, but I think it would also make sense to make the CI open a PR against grimmory-tools/grimmory-docs when a change is detected in deploy/compose/docker-compose.yaml to keep docs examples up to date when the compose file is updated. But that would be for a separate PR.

Unless we start seeing a lotta changes, overhead could outweigh it. Not sure.

[imnotjames]

Doing one last test actually - then I'll merge.

[imnotjames]

If we want to use the var here I think it needs to have

ENV BOOKLORE_PORT=${BOOKLORE_PORT}

Otherwise we never reach a healthy state seen with docker container ls

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@deploy/podman/quadlet/grimmory.container`:
- Line 23: HealthCmd currently hardcodes port 6060 causing mismatched health
checks when BOOKLORE_PORT is changed; change the Quadlet HealthCmd to use the
shell form so the container shell expands the environment variable (use
${BOOKLORE_PORT} in the URL) by switching to a CMD-SHELL style HealthCmd that
executes wget -q --spider http://localhost:${BOOKLORE_PORT}/api/v1/healthcheck;
ensure the BOOKLORE_PORT env var (already set in the Dockerfile ENV) is present
in the container environment so the shell expansion works at health-check time.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository YAML (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: d3f8e753-b78b-4b16-812a-da8424c03db4

📥 Commits

Reviewing files that changed from the base of the PR and between ac89fdd and f461025.

📒 Files selected for processing (5)

• Dockerfile
• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/templates/deployment.yaml
• deploy/helm/grimmory/values.yaml
• deploy/podman/quadlet/grimmory.container

📜 Review details

🧰 Additional context used

📓 Path-based instructions (2)

**/*

⚙️ CodeRabbit configuration file

**/*: This project is being developed using current and future-facing technologies:

• Java 25 with --enable-preview (preview features are INTENTIONAL and encouraged)
• Spring Boot 4 (latest major version, check APIs accordingly)
• Jackson 3 (new package: tools.jackson.* instead of com.fasterxml.jackson.*)
• Hibernate 7.3.x (Jakarta Persistence 3.2, new APIs; avoid deprecated Hibernate 5/6 patterns)
• Angular 21 (signals-based reactivity, no NgModules unless legacy)

Grimmory Internal Tools

• epub4j and pdfium4j are our own internal tools developed by the Grimmory team.
• Always verify behavior and API changes against the upstream repositories:
  • epub4j: https://github.com/grimmory-tools/epub4j
  • pdfium4j: https://github.com/grimmory-tools/pdfium4j
• If you encounter issues with these libraries, check if a fix exists in the upstream grimmory-tools organization.

Metadata Standards and Compliance

• For all metadata writing and parsing logic, double-check against Dublin Core and ANSI standards to ensure perfect official compliance.
• We strictly follow the widespread and official XML-compliant methods for EPUB2, EPUB3, CBX, and PDF formats.

General Java and Spring rules

• ALWAYS prefer modern, idiomatic Java 25 constructs over legacy patterns.
• Preview features (--enable-preview) are enabled and intentional; do NOT flag them as risky unless there is a concrete runtime issue.
• Prefer: records, sealed classes/interfaces, pattern matching (switch expressions, instanceof), structured concurrency (StructuredTaskScope), scoped values, string templates, unnamed patterns/variables.
• Prefer virtual threads (Thread.ofVirtual(), Executors.newVirtualThreadPerTaskExecutor()) over platform threads for I/O-bound work.
• Prefer the new Sequenced Collections API (SequencedCollection, SequencedMap) where applicable.
• Prefer var for local variables when the type is obvious from context.
• Use stream().toList() instead of stream().collect(Collectors.toList()) for imm...

Files:

• deploy/podman/quadlet/grimmory.container
• deploy/helm/grimmory/templates/deployment.yaml
• deploy/compose/docker-compose.yml
• deploy/helm/grimmory/values.yaml
• Dockerfile

**/Dockerfile*

⚙️ CodeRabbit configuration file

**/Dockerfile*: Dockerfile review:

• Prefer multi-stage builds (builder + runtime).
• Use non-root USER in the final stage.
• Pin base image versions (e.g., eclipse-temurin:25-jre-noble).
• Flag secrets or credentials embedded in the image.
• Ensure --enable-preview JVM flag is carried into ENTRYPOINT/CMD if required at runtime.

Files:

• Dockerfile

🔀 Multi-repo context grimmory-tools/grimmory-docs

Linked repositories findings

grimmory-tools/grimmory-docs

• docs/installation.md: contains the Docker Compose example for the grimmory service that exposes BOOKLORE_PORT and shows the compose snippet. [::grimmory-tools/grimmory-docs::docs/installation.md:73]
• docs/installation.md: the compose snippet includes a healthcheck block for the mariadb service (not for grimmory) at the shown healthcheck lines. [::grimmory-tools/grimmory-docs::docs/installation.md:113]
• Multiple docs reference docker-compose and BOOKLORE_PORT (e.g., docs/getting-started.md and others), so changing the compose example or its healthcheck behavior in the main repo could warrant a docs update across these pages. [::grimmory-tools/grimmory-docs::docs/getting-started.md:38]

Conclusion: grimmory-docs contains docker-compose examples and references to BOOKLORE_PORT; review whether the PR's change (switching to wget --spider, commenting out grimmory healthcheck, and making healthcheck optional) should be reflected in these docs.

🔇 Additional comments (4)

Dockerfile (1)

117-121: Looks good — Docker healthcheck now correctly follows configurable port.

Using BOOKLORE_PORT in the probe command addresses the prior unhealthy-state issue when port is overridden.

deploy/compose/docker-compose.yml (1)

36-46: Compose override-only healthcheck pattern is clean and clear.

The commented override and disable examples are well-scoped and align with fallback-to-image healthcheck behavior.

deploy/helm/grimmory/templates/deployment.yaml (1)

78-81: Good Helm templating change for startup probe support.

Conditional rendering is implemented correctly and keeps chart behavior configurable via values.

deploy/helm/grimmory/values.yaml (1)

92-113: Probe defaults are solid and internally consistent.

Using HTTP checks on named port http with explicit timeout values is a strong default for this chart.

[thibaultamartin]

The point raised by CodeRabbit about the podman quadlet seems valid to me.

I'm running Fedora Silverblue, which makes everything docker a pain in the backside but everything podman much easier to test. I'll have a look and test it properly for the quadlet in the European evening.

Next time I'll touch the Dockerfile or docker-compose I'll also spin up a VM to test them properly 🫡