Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Seprated env variables for specific app containers and added SSL feature using caddy #5429

Draft
wants to merge 24 commits into
base: preview
Choose a base branch
from

Conversation

akshat5302
Copy link
Collaborator

@akshat5302 akshat5302 commented Aug 26, 2024

Changes:
This PR includes seprated env variables for specific app containers and added SSL feature using caddy

Summary by CodeRabbit

  • New Features

    • Introduced a new Caddy configuration file for enhanced reverse proxy management.
    • Added a dynamic environment variable system for SSL certificate management.
    • Implemented a new build configuration for the proxy service utilizing Caddy.
    • Added a new service for live data handling with WebSocket support.
    • Enhanced installation script with improved error handling and version management.
  • Improvements

    • Streamlined Docker Compose configuration for better maintainability and clarity.
    • Enhanced routing capabilities within the Caddy server for multiple services.
    • Improved SSL configuration handling for secure deployments.
    • Increased reliability of the installation process through robust error checks.
  • Chores

    • Updated Dockerfile and associated scripts for initializing the Caddy web server.

Copy link
Contributor

coderabbitai bot commented Aug 26, 2024

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

The updates implement a configuration for a Caddy web server, modifying the GitHub Actions workflow for building Docker images and enhancing the Docker Compose setup. New environment variables for SSL management and reverse proxy settings are established. A structured Caddyfile template is created for routing, and reusable YAML anchors streamline environment variable declarations. Additionally, a new job for asset publishing during releases is added to the workflow, alongside the introduction of a "live" service in the deployment configuration. The installation script is also improved to handle errors and manage release versions.

Changes

Files Change Summary
.github/workflows/build-branch.yml Updated Docker build context from nginx to caddy directory and added publish_assets job for release events.
caddy/Caddyfile.template New reverse proxy configuration with various route directives and global settings.
deploy/selfhost/docker-compose.yml Created YAML anchors for environment variables, updated services to use these anchors, and added new volumes.
deploy/selfhost/variables.env Added SSL management variables including SSL, CERT_EMAIL, CERT_ACME_CA, and TRUSTED_PROXIES.
aio/Dockerfile-app Enhanced build process to include a new "live" component and added necessary file transfers.
aio/nginx.conf Introduced new location block for handling /live/ requests with WebSocket proxy settings.
aio/supervisord-app Added configuration for a new live server process with logging and environment settings.
deploy/selfhost/build.yml Introduced a new service configuration for the "live" environment and modified existing proxy service context.
deploy/selfhost/install.sh Added RELEASE_TAG variable, improved error handling in downloads, and updated environment synchronization.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant Caddy
    participant App

    User->>Caddy: Request
    Caddy->>App: Reverse Proxy to appropriate service
    App-->>Caddy: Response
    Caddy-->>User: Return response
Loading

🐇 In the garden, changes bloom,
Caddy's here to chase the gloom.
With routes defined and paths anew,
The services dance, all fresh and true.
A hop, a skip, let’s celebrate,
For seamless flows, we can’t wait! 🌼


Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Outside diff range, codebase verification and nitpick comments (2)
deploy/selfhost/docker-compose.yml (2)

205-205: Add a new line character at the end of the file.

The file is missing a new line character at the end.

Apply this diff to fix the issue:

+  
Tools
yamllint

[error] 205-205: no new line character at the end of file

(new-line-at-end-of-file)


[error] 205-205: trailing spaces

(trailing-spaces)


205-205: Remove trailing spaces at the end of the file.

The file has trailing spaces at the end.

Apply this diff to fix the issue:

-  
Tools
yamllint

[error] 205-205: no new line character at the end of file

(new-line-at-end-of-file)


[error] 205-205: trailing spaces

(trailing-spaces)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 4689ebe and 99ab338.

Files selected for processing (6)
  • .github/workflows/build-branch.yml (1 hunks)
  • caddy/Caddyfile.template (1 hunks)
  • caddy/Dockerfile (1 hunks)
  • caddy/caddy.sh (1 hunks)
  • deploy/selfhost/docker-compose.yml (6 hunks)
  • deploy/selfhost/variables.env (2 hunks)
Additional context used
Shellcheck
caddy/caddy.sh

[warning] 3-3: Declare and assign separately to avoid masking return values.

(SC2155)


[warning] 3-3: Quote this to prevent word splitting.

(SC2046)

GitHub Check: Codacy Static Code Analysis
caddy/Dockerfile

[warning] 1-1: caddy/Dockerfile#L1
Using latest is prone to errors if the image will ever update. Pin the version explicitly to a release tag

yamllint
deploy/selfhost/docker-compose.yml

[error] 205-205: no new line character at the end of file

(new-line-at-end-of-file)


[error] 205-205: trailing spaces

(trailing-spaces)

Additional comments not posted (25)
caddy/caddy.sh (1)

4-4: LGTM!

The line is correctly implemented.

The code changes are approved.

caddy/Dockerfile (1)

3-9: LGTM!

The lines are correctly implemented.

The code changes are approved.

caddy/Caddyfile.template (3)

1-17: LGTM!

The section is correctly implemented.

The code changes are approved.


19-28: LGTM!

The section is correctly implemented.

The code changes are approved.


30-32: LGTM!

The section is correctly implemented.

The code changes are approved.

deploy/selfhost/variables.env (4)

3-3: LGTM!

The SSL variable is correctly added with a default value of false.

The code changes are approved.


33-33: LGTM!

The CERT_EMAIL variable is correctly added with a default value of [email protected].

The code changes are approved.


34-34: LGTM!

The CERT_ACME_CA variable is correctly added with a default value of https://acme-v02.api.letsencrypt.org/directory.

The code changes are approved.


35-35: LGTM!

The TRUSTED_PROXIES variable is correctly added with a default value of 0.0.0.0/0.

The code changes are approved.

deploy/selfhost/docker-compose.yml (15)

1-9: LGTM!

The x-db-env anchor is correctly added to encapsulate PostgreSQL environment variables, improving modularity and reducing redundancy.

The code changes are approved.


10-14: LGTM!

The x-redis-env anchor is correctly added to encapsulate Redis environment variables, improving modularity and reducing redundancy.

The code changes are approved.


15-25: LGTM!

The x-data-store-env anchor is correctly added to encapsulate MinIO environment variables, improving modularity and reducing redundancy.

The code changes are approved.


26-34: LGTM!

The x-proxy-env anchor is correctly added to encapsulate proxy environment variables, improving modularity and reducing redundancy.

The code changes are approved.


97-98: LGTM!

The environment in service api is correctly updated to include <<: [ *app-env, *db-env, *redis-env, *data-store-env, *proxy-env ], improving maintainability and clarity.

The code changes are approved.


111-112: LGTM!

The environment in service worker is correctly updated to include <<: [ *app-env, *db-env, *redis-env, *data-store-env, *proxy-env ], improving maintainability and clarity.

The code changes are approved.


126-127: LGTM!

The environment in service beat-worker is correctly updated to include <<: [ *app-env, *db-env, *redis-env, *data-store-env, *proxy-env ], improving maintainability and clarity.

The code changes are approved.


141-142: LGTM!

The environment in service migrator is correctly updated to include <<: [ *app-env, *db-env, *redis-env, *data-store-env, *proxy-env ], improving maintainability and clarity.

The code changes are approved.


152-153: LGTM!

The environment in service plane-db is correctly updated to include <<: *db-env, improving maintainability and clarity.

The code changes are approved.


161-162: LGTM!

The environment in service plane-redis is correctly updated to include <<: *redis-env, improving maintainability and clarity.

The code changes are approved.


171-172: LGTM!

The environment in service plane-minio is correctly updated to include <<: *data-store-env, improving maintainability and clarity.

The code changes are approved.


183-184: LGTM!

The ports in service proxy are correctly updated to use LISTEN_HTTP_PORT and LISTEN_HTTPS_PORT variables, providing greater flexibility in configuring the service's network settings.

The code changes are approved.


186-187: LGTM!

The volumes in service proxy are correctly updated to include caddy_config and caddy_data, indicating an expansion in the functionality of the proxy service.

The code changes are approved.


188-189: LGTM!

The environment in service proxy is correctly updated to include <<: *proxy-env, improving maintainability and clarity.

The code changes are approved.


203-204: LGTM!

The volumes section is correctly updated to include caddy_config and caddy_data, indicating an expansion in the functionality of the proxy service.

The code changes are approved.

.github/workflows/build-branch.yml (1)

333-334: LGTM!

The context and file paths in the branch_build_push_proxy job are correctly updated to use the caddy directory, indicating a shift in the technology or configuration being utilized for the proxy service.

The code changes are approved.

caddy/caddy.sh Outdated Show resolved Hide resolved
caddy/Dockerfile Show resolved Hide resolved
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 99ab338 and da11073.

Files selected for processing (3)
  • caddy/caddy.sh (1 hunks)
  • deploy/selfhost/docker-compose.yml (6 hunks)
  • deploy/selfhost/variables.env (2 hunks)
Files skipped from review as they are similar to previous changes (1)
  • deploy/selfhost/variables.env
Additional context used
Shellcheck
caddy/caddy.sh

[warning] 3-3: In POSIX sh, == in place of = is undefined.

(SC3014)


[warning] 5-5: In POSIX sh, == in place of = is undefined.

(SC3014)

yamllint
deploy/selfhost/docker-compose.yml

[error] 204-204: no new line character at the end of file

(new-line-at-end-of-file)


[error] 204-204: trailing spaces

(trailing-spaces)

Additional comments not posted (3)
deploy/selfhost/docker-compose.yml (3)

1-8: Excellent use of YAML anchors for environment variables.

The introduction of x-db-env, x-redis-env, x-data-store-env, and x-proxy-env enhances modularity and reduces redundancy. This approach allows for cleaner and more maintainable Docker Compose configurations.

The changes are approved.

Also applies to: 10-14, 15-25, 26-34


96-97: Proper usage of YAML anchors in service configurations.

The environment variable declarations for services like api, worker, beat-worker, migrator, plane-db, plane-redis, plane-minio, and proxy correctly utilize the defined YAML anchors. This ensures that each service inherits the necessary environment variables without cluttering the main service definitions.

The changes are approved.

Also applies to: 110-111, 125-126, 140-141, 151-152, 160-161, 170-171, 187-188


Line range hint 182-203: Dynamic port mapping and volume additions for the proxy service.

The changes to port mapping and the addition of caddy_config and caddy_data volumes for the proxy service are well-implemented, providing flexibility and supporting the management of SSL certificates and configuration files.

The changes are approved.

caddy/caddy.sh Show resolved Hide resolved
deploy/selfhost/docker-compose.yml Outdated Show resolved Hide resolved
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between da11073 and 3d12305.

Files selected for processing (1)
  • deploy/selfhost/variables.env (2 hunks)
Additional comments not posted (2)
deploy/selfhost/variables.env (2)

3-3: Review SSL default setting.

The SSL=false setting is appropriate for default configurations, ensuring that SSL is opt-in rather than enforced by default. This approach supports backward compatibility and flexibility for environments where SSL might not be necessary.

The default setting is approved as it provides flexibility in deployment.


35-35: Review ACME CA URL setting.

The CERT_ACME_CA=https://acme-v02.api.letsencrypt.org/directory is correctly set to point to the Let's Encrypt ACME directory. This setting is crucial for the automatic issuance and renewal of SSL certificates.

The ACME CA URL is correctly configured for SSL certificate management.

deploy/selfhost/variables.env Outdated Show resolved Hide resolved
deploy/selfhost/variables.env Show resolved Hide resolved
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 3d12305 and cf60448.

Files selected for processing (1)
  • caddy/caddy.sh (1 hunks)
Files skipped from review due to trivial changes (1)
  • caddy/caddy.sh

SSL: ${SSL:-false}
APP_DOMAIN: ${APP_DOMAIN:-localhost}
FILE_SIZE_LIMIT: ${FILE_SIZE_LIMIT:-5242880}
CERT_EMAIL: ${CERT_EMAIL:[email protected]}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change it to CERT_EMAIL: ${CERT_EMAIL}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done changes

CERT_EMAIL: ${CERT_EMAIL:[email protected]}
CERT_ACME_CA: ${CERT_ACME_CA:-}
LISTEN_HTTP_PORT: ${LISTEN_PORT:-80}
LISTEN_HTTPS_PORT: ${LISTEN_SSL_PORT}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Change this to LISTEN_HTTPS_PORT: ${LISTEN_SSL_PORT:-443}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done changes

@@ -28,6 +30,11 @@ REDIS_HOST=plane-redis
REDIS_PORT=6379
REDIS_URL=

# If SSL Cert to be generated, set CERT_EMAIL and APP_PROTOCOL to https
[email protected]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

leave it empty without value CERT_EMAIL=

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changed it to empty

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between cf60448 and f02e67a.

Files selected for processing (1)
  • deploy/selfhost/variables.env (2 hunks)
Additional comments not posted (4)
deploy/selfhost/variables.env (4)

3-3: SSL Default Setting

The SSL=false setting is clear and indicates that SSL is not enabled by default. This is a safe default but ensure that documentation or deployment scripts clearly guide users on how to enable SSL if needed.


10-11: Review Server Port Configuration

The configuration includes both standard HTTP (LISTEN_PORT=80) and HTTPS (LISTEN_SSL_PORT=443) ports. This setup is typical and appropriate for applications that may switch between SSL and non-SSL modes. Ensure firewall and security group settings are configured to appropriately expose these ports based on the environment.


35-35: Specify ACME CA for SSL Certificates

The CERT_ACME_CA=https://acme-v02.api.letsencrypt.org/directory setting specifies the ACME directory URL for Let's Encrypt, which is standard for obtaining SSL certificates. This setting is correctly configured for environments that will use Let's Encrypt as the CA.


36-36: Review Trusted Proxies Setting

Setting TRUSTED_PROXIES=0.0.0.0/0 allows all IP addresses to be trusted as proxies. This setting can introduce security risks if not properly managed, especially in a production environment. Consider restricting this setting to specific IP ranges or addresses that are known to be secure to mitigate potential security risks.

deploy/selfhost/variables.env Show resolved Hide resolved
@akshat5302 akshat5302 requested a review from mguptahub August 28, 2024 11:14
Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between f02e67a and 83a6ba8.

Files selected for processing (1)
  • deploy/selfhost/docker-compose.yml (6 hunks)
Additional context used
yamllint
deploy/selfhost/docker-compose.yml

[error] 204-204: no new line character at the end of file

(new-line-at-end-of-file)


[error] 204-204: trailing spaces

(trailing-spaces)

Additional comments not posted (14)
deploy/selfhost/docker-compose.yml (14)

1-8: Well-defined PostgreSQL environment configuration.

The anchor x-db-env is well-structured and uses environment variables with sensible defaults, which enhances the configurability and isolation of PostgreSQL settings.


10-13: Well-defined Redis environment configuration.

The anchor x-redis-env is correctly set up with default values, facilitating better management of Redis settings.


15-24: Comprehensive MinIO environment configuration.

The anchor x-data-store-env includes comprehensive settings for MinIO, including AWS compatibility, which enhances the flexibility and configurability of data storage settings.


26-33: Robust proxy environment configuration with SSL support.

The anchor x-proxy-env is crucial for the SSL feature added by this PR. It includes settings for SSL, domain, and port configurations, enhancing the security and flexibility of the proxy service.


34-46: Comprehensive application environment configuration.

The anchor x-app-env is set up with a variety of settings that are crucial for the application's operation, ensuring a robust configuration management.


96-97: Well-configured API service with comprehensive environment settings.

The service api uses combined environment variables from all anchors, ensuring that it has all necessary configurations for robust operation.


110-111: Consistent environment configuration across backend services.

The service worker mirrors the api service in using combined environment variables from all anchors, ensuring consistency and comprehensive settings.


125-126: Uniform environment configuration for scheduled tasks.

The service beat-worker uses combined environment variables from all anchors, ensuring uniformity and comprehensive settings for scheduled tasks.


140-141: Consistent environment configuration for migration tasks.

The service migrator uses combined environment variables from all anchors, ensuring consistency and comprehensive settings for migration tasks.


151-152: Properly configured database service.

The service plane-db uses the db-env anchor for environment variables, ensuring that it has all necessary PostgreSQL configurations for robust operation.


160-161: Well-configured Redis service.

The service plane-redis uses the redis-env anchor for environment variables, ensuring that it is properly configured for robust operation.


170-171: Properly configured MinIO service.

The service plane-minio uses the data-store-env anchor for environment variables, ensuring that it has all necessary configurations for robust data storage operation.


182-188: Enhanced proxy service configuration with SSL support.

The service proxy uses the proxy-env anchor for environment variables, including SSL settings. The dynamic port mapping enhances the flexibility and security of the proxy service.


202-203: Appropriate addition of SSL-related volumes.

The new volumes caddy_config and caddy_data are appropriately added, likely for managing SSL certificates and configuration files for the proxy service.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 83a6ba8 and 1968242.

Files selected for processing (2)
  • .github/workflows/build-branch.yml (1 hunks)
  • deploy/selfhost/install.sh (4 hunks)
Additional context used
Shellcheck
deploy/selfhost/install.sh

[warning] 238-238: Quote this to prevent word splitting.

(SC2046)


[warning] 241-241: Quote this to prevent word splitting.

(SC2046)


[warning] 248-248: Quote this to prevent word splitting.

(SC2046)


[warning] 251-251: Quote this to prevent word splitting.

(SC2046)

GitHub Check: Codacy Static Code Analysis
deploy/selfhost/install.sh

[warning] 238-238: deploy/selfhost/install.sh#L238
Double quote to prevent globbing and word splitting.


[warning] 248-248: deploy/selfhost/install.sh#L248
Double quote to prevent globbing and word splitting.

Additional comments not posted (6)
.github/workflows/build-branch.yml (2)

333-334: LGTM! But verify the Dockerfile path.

The change to use Caddy instead of Nginx for the proxy service looks good. Ensure that the new Dockerfile path is correct and properly configured.

The code changes are approved.

Run the following script to verify the Dockerfile path:

Verification successful

Dockerfile Path and Configuration Verified

The Caddy Dockerfile exists at the specified path and appears to be correctly configured for running a Caddy server. The FROM statement and setup commands are present and appropriate. No further issues are identified.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence of the Caddy Dockerfile.

# Test: Check if the Caddy Dockerfile exists.
if [ -f "./caddy/Dockerfile" ]; then
  echo "Caddy Dockerfile exists."
else
  echo "Caddy Dockerfile does not exist."
  exit 1
fi

Length of output: 90


Script:

#!/bin/bash
# Description: Check the contents of the Caddy Dockerfile for basic configuration.

# Display the first few lines of the Dockerfile to check for a FROM statement.
head -n 10 ./caddy/Dockerfile

Length of output: 213


343-390: LGTM! But verify the new job configuration.

The addition of the publish_assets job looks good. Ensure that the steps are correctly configured and that the assets are properly uploaded.

The code changes are approved.

Run the following script to verify the new job configuration:

Verification successful

Verification Successful: publish_assets Job Configuration is Correct

The publish_assets job is correctly configured with the necessary steps and conditions for release events. The job includes checking out files, updating shell scripts, and uploading assets as expected.

  • The job runs on ubuntu-latest and depends on other build jobs.
  • It includes steps to update shell scripts and upload assets like docker-compose.yaml, variables.env, and install.sh.
Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the configuration of the `publish_assets` job.

# Test: Check if the steps in the `publish_assets` job are correctly configured.
rg --type yaml -A 10 $'publish_assets:\n  if : ${{ github.event_name == \'release\' }}\n  runs-on: ubuntu-latest\n  needs: [branch_build_push_web, branch_build_push_admin, branch_build_push_space, branch_build_push_apiserver, branch_build_push_proxy]\n  steps:\n    - id: checkout_files\n      name: Checkout Files\n      uses: actions/checkout@v4\n    - name: Update shell script branch\n      run: |\n        sed -i "s/^RELEASE_TAG=.*/RELEASE_TAG=${{ github.event.release.tag_name }}/" ./deploy/selfhost/install.sh\n        sed -i "s/^export APP_RELEASE=.*/export APP_RELEASE=${{ github.event.release.tag_name }}/g" ./deploy/selfhost/install.sh\n        sed -i "s/APP_RELEASE=stable/APP_RELEASE=${{ github.event.release.tag_name }}/g" ./deploy/selfhost/install.sh\n    - name: Upload docker-compose.yaml\n      uses: actions/[email protected]\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      with:\n        upload_url: ${{ github.event.release.upload_url }}\n        asset_path: ./deploy/selfhost/docker-compose.yml\n        asset_name: docker-compose.yaml\n        asset_content_type: application/octet-stream\n    - name: Upload variables.env\n      uses: actions/[email protected]\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      with:\n        upload_url: ${{ github.event.release.upload_url }}\n        asset_path: ./deploy/selfhost/variables.env\n        asset_name: variables.env\n        asset_content_type: application/octet-stream\n    - name: Upload setup.sh\n      uses: actions/[email protected]\n      env:\n        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\n      with:\n        upload_url: ${{ github.event.release.upload_url }}\n        asset_path: ./deploy/selfhost/install.sh\n        asset_name: setup.sh\n        asset_content_type: application/octet-stream'

Length of output: 4015


Script:

#!/bin/bash
# Description: Verify the configuration of the `publish_assets` job using a simpler pattern.

# Test: Check if the `publish_assets` job is defined and includes essential steps.
rg --type yaml -A 20 'publish_assets:' .github/workflows/build-branch.yml

Length of output: 1132

deploy/selfhost/install.sh (4)

4-4: LGTM!

The introduction of the RELEASE_TAG variable improves the script's functionality by making it more adaptable to versioning.

The code changes are approved.


170-171: LGTM!

The modification to replace APP_RELEASE with the latest value ensures that the variable is always up-to-date.

The code changes are approved.


238-256: LGTM!

The modification to include the RELEASE_TAG variable in the download URLs enhances the robustness of the file retrieval process.

The code changes are approved.

Tools
Shellcheck

[warning] 238-238: Quote this to prevent word splitting.

(SC2046)


[warning] 241-241: Quote this to prevent word splitting.

(SC2046)


[warning] 248-248: Quote this to prevent word splitting.

(SC2046)


[warning] 251-251: Quote this to prevent word splitting.

(SC2046)

GitHub Check: Codacy Static Code Analysis

[warning] 238-238: deploy/selfhost/install.sh#L238
Double quote to prevent globbing and word splitting.


[warning] 248-248: deploy/selfhost/install.sh#L248
Double quote to prevent globbing and word splitting.


362-362: LGTM!

The modification to include the APP_RELEASE variable in the download message improves clarity for the user regarding which version is being processed.

The code changes are approved.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 1968242 and 78edbc8.

Files selected for processing (1)
  • deploy/selfhost/build.yml (1 hunks)
Additional comments not posted (1)
deploy/selfhost/build.yml (1)

29-29: LGTM! But verify the new build context and Dockerfile.

The change in build context from ./nginx to ./caddy indicates a transition to using Caddy as the web server. Ensure that the new build context and Dockerfile are correctly set up for Caddy.

The code changes are approved.

Run the following script to verify the existence and correctness of the new build context and Dockerfile:

Verification successful

Verification Successful: Caddy Build Context and Dockerfile Exist

The caddy directory and its Dockerfile are present, confirming that the build context change is correctly set up for Caddy. No further issues are found with the transition from Nginx to Caddy.

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the existence of the new build context and Dockerfile for Caddy.

# Test: Check if the `caddy` directory exists. Expect: Directory exists.
if [ -d "./caddy" ]; then
  echo "Caddy directory exists."
else
  echo "Caddy directory does not exist."
  exit 1
fi

# Test: Check if the `Dockerfile` exists in the `caddy` directory. Expect: File exists.
if [ -f "./caddy/Dockerfile" ]; then
  echo "Dockerfile exists in the caddy directory."
else
  echo "Dockerfile does not exist in the caddy directory."
  exit 1
fi

Length of output: 202

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 78edbc8 and c8c7d43.

Files selected for processing (1)
  • deploy/selfhost/install.sh (4 hunks)
Additional context used
Shellcheck
deploy/selfhost/install.sh

[warning] 238-238: Quote this to prevent word splitting.

(SC2046)


[warning] 241-241: Quote this to prevent word splitting.

(SC2046)


[warning] 248-248: Quote this to prevent word splitting.

(SC2046)


[warning] 251-251: Quote this to prevent word splitting.

(SC2046)

Additional comments not posted (4)
deploy/selfhost/install.sh (4)

4-4: LGTM!

The introduction of the RELEASE_TAG variable with a default value of v0.22-dev is a good enhancement for version management.


170-171: LGTM!

The update to replace APP_RELEASE with the latest value in the syncEnvFile function ensures that the environment variable is synchronized correctly.


176-176: LGTM!

The introduction of the buildYourOwnImage function to build Docker images locally is a useful addition for custom builds.


362-362: LGTM!

The update to download the specified APP_RELEASE version in the upgrade function ensures that the correct version is downloaded during the upgrade process.

Comment on lines 238 to 256
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/docker-compose.yaml?$(date +%s)
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)
if [ $? -ne 0 ]; then
echo "Failed to download the docker-compose.yaml file. Exiting..."
exit 1
fi
fi

curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/variables.env?$(date +%s)
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)
if [ $? -ne 0 ]; then
echo "Failed to download the variables.env file. Exiting..."
exit 1
fi
fi
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! But fix potential word splitting issues.

The update to use the RELEASE_TAG variable for downloading files improves the download logic. However, there are potential issues with word splitting that need to be addressed.

Apply this diff to fix the word splitting issues:

-    curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml  https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/docker-compose.yaml?$(date +%s)
+    curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/docker-compose.yaml"  "https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/docker-compose.yaml?$(date +%s)"

-        curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml  https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)
+        curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/docker-compose.yaml"  "https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)"

-    curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/variables.env?$(date +%s)
+    curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/variables-upgrade.env" "https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/variables.env?$(date +%s)"

-        curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)
+        curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/variables-upgrade.env" "https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)"
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/docker-compose.yaml?$(date +%s)
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)
if [ $? -ne 0 ]; then
echo "Failed to download the docker-compose.yaml file. Exiting..."
exit 1
fi
fi
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/variables.env?$(date +%s)
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)
if [ $? -ne 0 ]; then
echo "Failed to download the variables.env file. Exiting..."
exit 1
fi
fi
curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/docker-compose.yaml" "https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/docker-compose.yaml?$(date +%s)"
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/docker-compose.yaml" "https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)"
if [ $? -ne 0 ]; then
echo "Failed to download the docker-compose.yaml file. Exiting..."
exit 1
fi
fi
curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/variables-upgrade.env" "https://github.com/makeplane/plane/releases/download/$RELEASE_TAG/variables.env?$(date +%s)"
if [ $? -ne 0 ]; then
# 2nd attempt to download the file for backward compatibility
curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/variables-upgrade.env" "https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)"
if [ $? -ne 0 ]; then
echo "Failed to download the variables.env file. Exiting..."
exit 1
fi
fi
Tools
Shellcheck

[warning] 238-238: Quote this to prevent word splitting.

(SC2046)


[warning] 241-241: Quote this to prevent word splitting.

(SC2046)


[warning] 248-248: Quote this to prevent word splitting.

(SC2046)


[warning] 251-251: Quote this to prevent word splitting.

(SC2046)

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (1)
deploy/selfhost/README.md (1)

109-117: Configuration options updated for clarity.

The updates to the configuration options, including APP_DOMAIN, LISTEN_PORT, LISTEN_SSL_PORT, WEB_URL, and CORS_ALLOWED_ORIGINS, improve the clarity of the instructions and provide users with more detailed guidance on setting up their environment.

Please update the abbreviation "e.g." to use two periods, as suggested by the LanguageTool hints:

- (eg. `plane.example.com`)
+ (e.g., `plane.example.com`)

- (eg. `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)
+ (e.g., `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)

- (eg. `http://plane.example.com:8080,https://plane.example.com:8443`)
+ (e.g., `http://plane.example.com:8080,https://plane.example.com:8443`)

The Markdownlint hints regarding blank lines inside blockquotes can be ignored as they are false positives in this context.

Tools
LanguageTool

[uncategorized] ~109-~109: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... the Fully Qualified Domain Name here. (eg. plane.example.com) > LISTEN_PORT -...

(E_G)


[uncategorized] ~115-~115: The abbreviation “e.g.” (= for example) requires two periods.
Context: ...along with LISTEN_PORT/LISTEN_SSL_PORT (eg. https://plane.example.com:8443 or `ht...

(E_G)


[uncategorized] ~117-~117: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://...

(E_G)

Markdownlint

110-110: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


112-112: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


114-114: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


116-116: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c8c7d43 and 7b1df8f.

Files selected for processing (3)
  • .github/workflows/build-branch.yml (1 hunks)
  • deploy/selfhost/README.md (9 hunks)
  • deploy/selfhost/variables.env (2 hunks)
Additional context used
Markdownlint
deploy/selfhost/README.md

60-60: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)


110-110: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


112-112: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


114-114: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)


116-116: null
Blank line inside blockquote

(MD028, no-blanks-blockquote)

LanguageTool
deploy/selfhost/README.md

[uncategorized] ~109-~109: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... the Fully Qualified Domain Name here. (eg. plane.example.com) > LISTEN_PORT -...

(E_G)


[uncategorized] ~115-~115: The abbreviation “e.g.” (= for example) requires two periods.
Context: ...along with LISTEN_PORT/LISTEN_SSL_PORT (eg. https://plane.example.com:8443 or `ht...

(E_G)


[uncategorized] ~117-~117: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://...

(E_G)

Additional comments not posted (10)
deploy/selfhost/variables.env (4)

3-3: LGTM!

The code changes are approved.


10-10: LGTM!

The code changes are approved.


11-11: LGTM!

The code changes are approved.


16-16: LGTM!

The code changes are approved.

.github/workflows/build-branch.yml (2)

333-334: LGTM!

The change from Nginx to Caddy aligns with the PR objective of adding SSL support. Caddy's automatic HTTPS capabilities will enhance the security of the deployed services.


343-400: LGTM!

The new publish_assets job is a great addition to the workflow. It automates the asset publishing process during releases, which will improve deployment efficiency and ensure that the correct versioned assets are available.

deploy/selfhost/README.md (4)

58-58: LGTM!

The change in the section header from "Latest Stable Release" to "Latest Release" is approved as it reflects the shift in focus to the latest version available.


61-61: LGTM!

The addition of the -p flag to the mkdir command is approved as it ensures that the directory is created only if it does not already exist, enhancing robustness.


63-63: LGTM!

The introduction of the RELEASE_VERSION variable is approved as it allows for a more flexible approach to version specification, replacing the hardcoded URL.


65-65: LGTM!

The update to the curl command to use the RELEASE_VERSION variable is approved as it ensures that the correct version of the setup script is downloaded based on the specified version.

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7b1df8f and ee50529.

Files selected for processing (1)
  • deploy/selfhost/README.md (9 hunks)
Additional context used
Markdownlint
deploy/selfhost/README.md

60-60: null
Fenced code blocks should have a language specified

(MD040, fenced-code-language)

LanguageTool
deploy/selfhost/README.md

[uncategorized] ~109-~109: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... the Fully Qualified Domain Name here. (eg. plane.example.com) > > LISTEN_PORT...

(E_G)


[uncategorized] ~115-~115: The abbreviation “e.g.” (= for example) requires two periods.
Context: ...along with LISTEN_PORT/LISTEN_SSL_PORT (eg. https://plane.example.com:8443 or `ht...

(E_G)


[uncategorized] ~117-~117: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://...

(E_G)

Additional comments not posted (9)
deploy/selfhost/README.md (9)

58-58: LGTM!

The header text change is approved.


61-61: LGTM!

The addition of the -p flag to the mkdir command is approved.


63-63: LGTM!

The introduction of the RELEASE_VERSION variable is approved.


65-65: LGTM!

The update to the URL for downloading setup.sh is approved.


141-141: LGTM!

The addition of the comment is approved.


176-176: LGTM!

The addition of the comment is approved.


204-204: LGTM!

The addition of the comment is approved.


232-232: LGTM!

The addition of the comment is approved.


Line range hint 359-382: LGTM!

The changes to the data restoration section are approved.

Comment on lines +109 to +117
> `APP_DOMAIN` - Set the Fully Qualified Domain Name here. (eg. `plane.example.com`)
>
> `LISTEN_PORT` - This is default set to `80`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_PORT=8080`)
>
> `LISTEN_SSL_PORT` - This is default set to `443`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_SSL_PORT=8443`)
>
> `WEB_URL` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with LISTEN_PORT/LISTEN_SSL_PORT (eg. `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)
>
> `CORS_ALLOWED_ORIGINS` - This is default set to `http://${APP_DOMAIN},https://${APP_DOMAIN}`. Change this to the FQDN you plan to use along with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://plane.example.com:8443`)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

The changes to the configuration options are approved.

Fix the abbreviation for "for example".

The explanations use "eg." instead of "e.g." for the abbreviation "for example". Please update the occurrences of "eg." to "e.g.".

Apply this diff to fix the issue:

- (eg. `plane.example.com`)
+ (e.g., `plane.example.com`)

- (eg. `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)  
+ (e.g., `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)

- (eg. `http://plane.example.com:8080,https://plane.example.com:8443`)
+ (e.g., `http://plane.example.com:8080,https://plane.example.com:8443`)
Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
> `APP_DOMAIN` - Set the Fully Qualified Domain Name here. (eg. `plane.example.com`)
>
> `LISTEN_PORT` - This is default set to `80`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_PORT=8080`)
>
> `LISTEN_SSL_PORT` - This is default set to `443`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_SSL_PORT=8443`)
>
> `WEB_URL` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with LISTEN_PORT/LISTEN_SSL_PORT (eg. `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)
>
> `CORS_ALLOWED_ORIGINS` - This is default set to `http://${APP_DOMAIN},https://${APP_DOMAIN}`. Change this to the FQDN you plan to use along with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://plane.example.com:8443`)
> `APP_DOMAIN` - Set the Fully Qualified Domain Name here. (e.g., `plane.example.com`)
>
> `LISTEN_PORT` - This is default set to `80`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_PORT=8080`)
>
> `LISTEN_SSL_PORT` - This is default set to `443`. Make sure the port you choose to use is not preoccupied. (e.g `LISTEN_SSL_PORT=8443`)
>
> `WEB_URL` - This is default set to `http://localhost`. Change this to the FQDN you plan to use along with LISTEN_PORT/LISTEN_SSL_PORT (e.g., `https://plane.example.com:8443` or `http://[IP-ADDRESS]:8080`)
>
> `CORS_ALLOWED_ORIGINS` - This is default set to `http://${APP_DOMAIN},https://${APP_DOMAIN}`. Change this to the FQDN you plan to use along with LISTEN_PORT and LISTEN_SSL_PORT (e.g., `http://plane.example.com:8080,https://plane.example.com:8443`)
Tools
LanguageTool

[uncategorized] ~109-~109: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... the Fully Qualified Domain Name here. (eg. plane.example.com) > > LISTEN_PORT...

(E_G)


[uncategorized] ~115-~115: The abbreviation “e.g.” (= for example) requires two periods.
Context: ...along with LISTEN_PORT/LISTEN_SSL_PORT (eg. https://plane.example.com:8443 or `ht...

(E_G)


[uncategorized] ~117-~117: The abbreviation “e.g.” (= for example) requires two periods.
Context: ... with LISTEN_PORT and LISTEN_SSL_PORT (eg. `http://plane.example.com:8080,https://...

(E_G)

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ee50529 and 085fc16.

Files selected for processing (8)
  • .github/workflows/build-branch.yml (1 hunks)
  • aio/Dockerfile-app (3 hunks)
  • aio/nginx.conf (1 hunks)
  • aio/supervisord-app (1 hunks)
  • caddy/Caddyfile.template (1 hunks)
  • deploy/selfhost/build.yml (2 hunks)
  • deploy/selfhost/docker-compose.yml (6 hunks)
  • deploy/selfhost/variables.env (2 hunks)
Files skipped from review as they are similar to previous changes (2)
  • .github/workflows/build-branch.yml
  • caddy/Caddyfile.template
Additional context used
yamllint
deploy/selfhost/docker-compose.yml

[error] 19-19: trailing spaces

(trailing-spaces)

Additional comments not posted (17)
deploy/selfhost/build.yml (2)

20-24: LGTM!

The new live service configuration looks good. Using a dedicated Dockerfile for the live environment is a nice way to customize the build for that specific environment.


35-35: Verify the Caddy configuration.

The change in the build context for the proxy service looks good. Using Caddy instead of Nginx aligns with the PR objective of adding SSL support.

Please ensure that:

  • The Caddy configuration file (Caddyfile) is properly set up with the required directives for SSL and reverse proxy.
  • The SSL certificates are correctly provisioned and renewed.
  • The Caddy configuration is thoroughly tested to ensure that SSL is working as expected and the application is accessible via HTTPS.
deploy/selfhost/variables.env (3)

3-3: LGTM!

The code changes are approved.


35-35: LGTM!

The code changes are approved.


16-16: LGTM!

The code changes are approved.

aio/supervisord-app (1)

32-40: LGTM!

The new program configuration [program:live] looks good:

  • It follows the same structure as the existing configurations, which is good for consistency.
  • The logging configuration is set to log to /dev/stdout with no size limits, which is consistent with the existing configurations and is a good practice for containerized applications.
  • The environment variables are defined correctly, including a new port (3004) and an API base URL pointing to a local server, allowing the live server to run on a different port and communicate with the API server.
aio/nginx.conf (1)

48-54: LGTM!

The new location block for /live/ is correctly configured for handling WebSocket connections.

  • The proxy_http_version directive is set to 1.1, which is required for WebSocket connections.
  • The Upgrade, Connection, and Host headers are correctly set for WebSocket connections.
  • The proxy_pass directive is correctly set to forward requests to the new backend service running on http://localhost:3004/.

The code changes are approved.

aio/Dockerfile-app (3)

14-14: LGTM!

The addition of --scope=live to the turbo prune command ensures that the "live" component is considered during the pruning phase of the build process.


56-56: LGTM!

The addition of --filter=live to the yarn turbo run build command ensures that the "live" component is built alongside the existing components.


108-110: LGTM!

The added COPY commands ensure that the necessary files and directories for the "live" component are included in the final Docker image.

deploy/selfhost/docker-compose.yml (7)

1-8: LGTM!

The x-db-env anchor is a good addition for organizing the PostgreSQL environment variables.


10-13: LGTM!

The x-redis-env anchor is a good addition for organizing the Redis environment variables.


20-30: LGTM!

The x-data-store-env anchor is a good addition for organizing the MinIO environment variables.


31-39: LGTM!

The x-proxy-env anchor is a good addition for organizing the proxy environment variables.


106-107: LGTM!

The environment variable declarations for the services have been improved by using the newly introduced anchors. This enhances the organization and maintainability of the configuration.

Also applies to: 124-125, 139-140, 155-156, 171-172, 182-183, 191-192, 209-210, 226-227


221-222: LGTM!

The port mapping for the proxy service has been improved by using environment variables. This provides flexibility in configuring the ports.


241-242: Verify the purpose of the new volumes.

The new volumes caddy_config and caddy_data have been added for the proxy service. Can you please provide more context on the purpose of these volumes and how they are being used by the Caddy web server?

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 085fc16 and 7d4ec00.

Files selected for processing (1)
  • aio/Dockerfile-app (4 hunks)
Files skipped from review as they are similar to previous changes (1)
  • aio/Dockerfile-app

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (1)
deploy/selfhost/variables.env (1)

3-3: LGTM, but ensure SSL is enabled in production.

The new SSL variable, set to false by default, is suitable for local development environments.

However, for production deployments, it is crucial to set SSL=true and configure a valid SSL certificate to ensure secure connections.

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 7d4ec00 and 5184ce6.

Files selected for processing (3)
  • .github/workflows/build-branch.yml (1 hunks)
  • deploy/selfhost/docker-compose.yml (6 hunks)
  • deploy/selfhost/variables.env (2 hunks)
Files skipped from review as they are similar to previous changes (1)
  • .github/workflows/build-branch.yml
Additional context used
yamllint
deploy/selfhost/docker-compose.yml

[error] 19-19: trailing spaces

(trailing-spaces)

Additional comments not posted (16)
deploy/selfhost/variables.env (2)

36-36: LGTM!

The CERT_ACME_CA variable is set to the correct URL for obtaining SSL certificates from Let's Encrypt.


16-16: LGTM!

The update to the CORS_ALLOWED_ORIGINS variable to include both HTTP and HTTPS origins is a good change to support environments with SSL enabled or disabled.

deploy/selfhost/docker-compose.yml (14)

1-9: LGTM!

The introduction of the x-db-env anchor for PostgreSQL environment variables is a good practice for modular configuration management.


10-13: LGTM!

The introduction of the x-redis-env anchor for Redis environment variables is a good practice for modular configuration management.


15-18: LGTM!

The introduction of the x-mq-env anchor for RabbitMQ environment variables is a good practice for modular configuration management.


20-29: LGTM!

The introduction of the x-data-store-env anchor for MinIO environment variables is a good practice for modular configuration management.


31-38: LGTM!

The introduction of the x-proxy-env anchor for proxy environment variables is a good practice for modular configuration management.


40-41: LGTM!

The introduction of the x-live-env anchor for live service environment variables is a good practice for modular configuration management.


106-107: LGTM!

The update to the environment section of the live service to include the x-live-env and x-redis-env anchors is a good change for consolidating environment variable management.


124-125: LGTM!

The update to the environment section of the api service to include multiple environment variable anchors is a good change for consolidating environment variable management.


139-140: LGTM!

The update to the environment section of the worker service to include multiple environment variable anchors is a good change for consolidating environment variable management.


155-156: LGTM!

The update to the environment section of the beat-worker service to include multiple environment variable anchors is a good change for consolidating environment variable management.


171-172: LGTM!

The update to the environment section of the migrator service to include multiple environment variable anchors is a good change for consolidating environment variable management.


221-222: LGTM!

The update to the port mapping for the proxy service to use dynamic port definitions provides greater flexibility in configuring the service's network settings.


223-225: LGTM!

The addition of the caddy_config and caddy_data volumes for the proxy service is a good change to support the management of SSL certificates and configuration files.


19-19: Remove trailing spaces.

The static analysis tool yamllint has flagged a trailing spaces issue at line 19.

Trailing spaces can cause issues with some tools and should be removed for consistency and cleanliness of the code.

Tools
yamllint

[error] 19-19: trailing spaces

(trailing-spaces)

Copy link
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 5184ce6 and c5e5b99.

Files selected for processing (1)
  • deploy/selfhost/install.sh (4 hunks)
Additional context used
Shellcheck
deploy/selfhost/install.sh

[warning] 244-244: Quote this to prevent word splitting.

(SC2046)

Additional comments not posted (4)
deploy/selfhost/install.sh (4)

4-4: LGTM!

The RELEASE_TAG variable declaration with a default value provides flexibility to manage different release versions.


170-171: LGTM!

The update to replace APP_RELEASE with the latest value ensures that the deployment reflects the correct application release version and improves the synchronization of environment variables.


239-242: LGTM!

The error handling after curl commands prevents the script from proceeding with potentially incomplete or missing configurations, thereby increasing the reliability of the installation process.

Also applies to: 245-248


354-354: LGTM!

Dynamically displaying the current APP_RELEASE version provides clearer feedback to the user regarding the version being downloaded during the upgrade process.

echo "Failed to download the docker-compose.yaml file. Exiting..."
exit 1
fi

curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/variables-upgrade.env https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/variables.env?$(date +%s)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix the potential word splitting issue.

The variable expansion at line 244 should be quoted to prevent potential word splitting issues.

Apply this diff to fix the issue:

-    curl -H 'Cache-Control: no-cache, no-store' -s -o $PLANE_INSTALL_DIR/docker-compose.yaml  https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)
+    curl -H 'Cache-Control: no-cache, no-store' -s -o "$PLANE_INSTALL_DIR/docker-compose.yaml"  "https://raw.githubusercontent.com/makeplane/plane/$BRANCH/deploy/selfhost/docker-compose.yml?$(date +%s)"

Committable suggestion was skipped due to low confidence.

Tools
Shellcheck

[warning] 244-244: Quote this to prevent word splitting.

(SC2046)

@akshat5302 akshat5302 marked this pull request as draft September 10, 2024 11:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants