fix(dashmate): invalid mount path from helper

[shumkov]

Issue being fixed or feature implemented

Dashmate helper (a separate docker container) is using the dashmate home dir path as mount path for container for SSL verification server. The problem is that the dashmate home dir is hardcoded for the dashmate helper but mount expect the path on host machine. When dashmate home paths inside helper and outside aren't matching then we trying to mount path which is doesn't exist on host machine.
This leads SSL server to fail, which in turn, fails the SSL renewal process in a middle, so we spamming ZeroSSL with draft certificate. This PR solves the first issue - correct mount path. Spamming with drafts if the SSL renewal process was interrupted will be addressed in a separate PR.

What was done?

• Use host machine dashmate home dir path inside dashmate helper

How Has This Been Tested?

Running locally

Breaking Changes

None

Checklist:

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests
• I have added "!" to the title and described breaking changes in the corresponding section if my code contains any
• I have made corresponding changes to the documentation if needed

For repository code-owners and collaborators only

• I have assigned this pull request to a milestone

Summary by CodeRabbit

• New Features

  • Introduced a new environment variable DASHMATE_HOME_DIR for improved configurability of the dashmate_helper service.
  • Updated volume mapping for dashmate_helper to allow for more flexible directory usage.

• Bug Fixes

  • Streamlined user session initiation in the entrypoint script, enhancing command execution.

These changes enhance the flexibility and usability of the dashmate_helper service for end-users.

[coderabbitai]

Walkthrough

The changes primarily involve modifications to the docker-compose.yml and entrypoint.sh files for the dashmate_helper service. A new required environment variable, DASHMATE_HOME_DIR, has been added, and the volume mapping has been updated to allow for more flexible configuration. In entrypoint.sh, adjustments were made to streamline user session initiation by removing the DASHMATE_HELPER variable and simplifying the command structure for user switching.

Changes

File Path	Change Summary
packages/dashmate/docker-compose.yml	- Added required environment variable DASHMATE_HOME_DIR to dashmate_helper service. - Updated volume mapping from ${DASHMATE_HOME_DIR:?err}:/home/dashmate/.dashmate to ${DASHMATE_HOME_DIR:?err}:${DASHMATE_HOME_DIR:?err}.
packages/dashmate/docker/entrypoint.sh	- Removed DASHMATE_HELPER variable from command executed by su. - Referenced DASHMATE_HOME_DIR directly in the execution command. - Simplified command structure by removing - from su - $USERNAME.

Possibly related PRs

• fix(dashmate): invalid drive status check #2248: Modifies the status checks for drives and platforms, relevant to the configurability enhancements of the dashmate_helper service.
• fix(dashmate): invalid platform version in the status command #2249: Addresses the display of the correct platform version in the status command, relating to the overall configuration improvements made in the main PR.

Suggested labels

dashmate

Suggested reviewers

• QuantumExplorer
• pshenmic

🐇 In the garden where changes bloom,
A helper's path makes more room.
With variables set and mappings clear,
Our Dashmate's journey draws near.
So hop along, let’s celebrate,
For better configs await our fate! 🌼

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 1b92f05 and 8917557.

📒 Files selected for processing (1)

• packages/dashmate/docker/entrypoint.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• packages/dashmate/docker/entrypoint.sh

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (2)

packages/dashmate/docker/entrypoint.sh (1)

34-34: Add validation for DASHMATE_HOME_DIR environment variable.

While the change to use DASHMATE_HOME_DIR aligns with fixing the mount path issue, the script should validate this critical environment variable.

Add this validation before the exec line:

+if [ -z "$DASHMATE_HOME_DIR" ]; then
+  echo "Error: DASHMATE_HOME_DIR environment variable is required"
+  exit 1
+fi
+
 exec su $USERNAME -c "cd /platform;DASHMATE_HOME_DIR=$DASHMATE_HOME_DIR $*"

packages/dashmate/scripts/helper.js (1)

Line range hint 1-89: Add environment validation and improve error handling.

Given the PR's focus on fixing mount path issues, consider these improvements:

1. Validate DASHMATE_HOME_DIR environment variable
2. Add explicit error handling for SSL certificate operations
3. Add logging for certificate renewal operations to track potential issues with draft certificates

Add this validation at the start of the script:

 // Read environment variables from .env file
 dotenv.config();
+
+// Validate required environment variables
+if (!process.env.DASHMATE_HOME_DIR) {
+  throw new Error('DASHMATE_HOME_DIR environment variable is required');
+}

And enhance the SSL certificate renewal section:

 if (isEnabled && provider === 'zerossl') {
   const scheduleRenewZeroSslCertificate = container.resolve('scheduleRenewZeroSslCertificate');
-  await scheduleRenewZeroSslCertificate(config);
+  try {
+    await scheduleRenewZeroSslCertificate(config);
+    console.info('SSL certificate renewal scheduled successfully');
+  } catch (error) {
+    console.error('Failed to schedule SSL certificate renewal:', error);
+    throw error;
+  }
 }

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 5d82eca and 1b92f05.

📒 Files selected for processing (4)

• packages/dashmate/docker-compose.yml (1 hunks)
• packages/dashmate/docker/entrypoint.sh (1 hunks)
• packages/dashmate/scripts/helper.js (1 hunks)
• packages/dashmate/src/createDIContainer.js (1 hunks)

🔇 Additional comments (6)

packages/dashmate/docker/entrypoint.sh (1)

34-34: Verify DASHMATE_HOME_DIR is properly configured.

The command structure looks good and preserving the environment by removing su - is the right approach. Let's verify the environment variable is properly set in the docker configuration.

✅ Verification successful

DASHMATE_HOME_DIR is properly configured across the environment

The verification confirms that DASHMATE_HOME_DIR is well-configured:

• It's properly set in the Dockerfile as /home/dashmate/.dashmate
• All docker-compose files consistently use ${DASHMATE_HOME_DIR:?err} with proper error handling
• The environment variable is correctly passed through in the entrypoint.sh
• The variable is properly integrated in the codebase through HomeDir class and config generation

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify DASHMATE_HOME_DIR is properly configured in docker-compose files

# Test: Check if DASHMATE_HOME_DIR is defined in docker-compose files
echo "Checking docker-compose files for DASHMATE_HOME_DIR configuration:"
fd --type f "docker-compose" --exec rg -l "DASHMATE_HOME_DIR"

# Test: Check if there are any hardcoded paths that should use DASHMATE_HOME_DIR
echo -e "\nChecking for potential hardcoded paths:"
rg -i "(/\.dashmate|dashmate.*home)"

Length of output: 5658

packages/dashmate/scripts/helper.js (1)

48-48: LGTM! Verify complete removal of DASHMATE_HELPER env var.

The explicit registration of isHelper as true is a cleaner approach than using an environment variable.

Let's verify that the old environment variable approach has been completely removed:

✅ Verification successful

The search results show that DASHMATE_HELPER references are only about the Docker image name constant (DASHMATE_HELPER_DOCKER_IMAGE), which is different from the environment variable approach that was meant to be replaced. Let me verify if there are any actual environment variable usages by searching for environment variable access patterns.

---

✅ Environment variable approach has been completely removed

The verification confirms that the old environment variable approach using DASHMATE_HELPER has been fully removed. The only remaining references are to the Docker image name constant DASHMATE_HELPER_DOCKER_IMAGE, which is the expected and correct usage. The new DI container registration with isHelper: asValue(true) is a clean replacement.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for any remaining references to DASHMATE_HELPER
rg "DASHMATE_HELPER" --type js

Length of output: 608

---

Script:

#!/bin/bash
# Search for process.env.DASHMATE_HELPER or similar patterns
rg "process\.env\.DASHMATE_HELPER|getenv.*DASHMATE_HELPER" --type js

# Search for environment variable declarations in Docker compose or similar files
rg "DASHMATE_HELPER:" --type yaml
rg "DASHMATE_HELPER=" --type yaml

Length of output: 138

packages/dashmate/docker-compose.yml (2)

20-20: LGTM: Required environment variable addition

The addition of DASHMATE_HOME_DIR as a required environment variable is correct and aligns with the PR objective to use the host machine's Dashmate home directory path.

---

27-27: Verify SSL server functionality with new volume mount

The volume mount change from a fixed container path to using ${DASHMATE_HOME_DIR:?err} on both sides ensures path consistency between host and container, which should fix the SSL verification server mount issue.

Let's verify the impact on SSL-related files:

✅ Verification successful

Based on the search results, I can verify that the SSL-related volume mount change is consistent with the codebase. The key findings:

1. The SSL certificate files are stored under ${DASHMATE_HOME_DIR}/${CONFIG_NAME}/platform/gateway/ssl/ as seen in docker-compose.yml:

- ${DASHMATE_HOME_DIR:?err}/${CONFIG_NAME:?err}/platform/gateway/ssl/bundle.crt:/etc/ssl/bundle.crt:ro
- ${DASHMATE_HOME_DIR:?err}/${CONFIG_NAME:?err}/platform/gateway/ssl/private.key:/etc/ssl/private.key:ro

2. The codebase has extensive SSL certificate handling logic that relies on these paths, including:

• Certificate generation and validation
• Support for different providers (ZeroSSL, self-signed, file)
• Certificate renewal and verification

3. The volume mount change ensures consistent path mapping between host and container, which is critical for SSL certificate functionality.

SSL certificate mount paths are correctly configured

The volume mount change to use ${DASHMATE_HOME_DIR} consistently ensures proper SSL certificate file access between host and container. The paths align with the SSL certificate handling implementation in the codebase.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if SSL-related paths are referenced consistently
# Expected: All SSL paths should use DASHMATE_HOME_DIR

# Search for SSL-related path references
rg -i "ssl|cert|key" packages/dashmate/

Length of output: 139255

packages/dashmate/src/createDIContainer.js (2)

165-165: LGTM! Clean separation of helper configuration.

The change from environment variable to static value aligns with the PR's objective to improve helper container configuration. This creates a cleaner separation between the main container and helper contexts.

---

165-165: Verify related changes in helper configuration.

Since we're removing the environment variable dependency, let's ensure all related changes are in place.

✅ Verification successful

Let me analyze the helper configuration changes based on the results:

1. helper.js still sets isHelper to true, which is consistent with the change to set it as false by default in the DI container.
2. DASHMATE_HELPER environment variable is still used in:
   • Docker compose files for image and port configuration
   • Constants for docker image naming
   • Dockerfile with ENV DASHMATE_HELPER=1

Let me verify if these remaining usages are related to the helper service configuration rather than the runtime environment detection:

---

All helper-related changes are properly aligned

The changes are consistent across the codebase:

• The DI container correctly sets isHelper: false by default
• The helper script explicitly overrides it to true when needed
• The remaining DASHMATE_HELPER references in Docker files are for helper service configuration, not for runtime detection
• The isHelper flag is properly used in getConnectionHostFactory for connection handling

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify helper configuration and usage of DASHMATE_HELPER
# Test 1: Check if helper.js properly sets isHelper
rg -l "isHelper.*true" "packages/dashmate/scripts/"

# Test 2: Verify no remaining uses of DASHMATE_HELPER env var
rg "DASHMATE_HELPER"

# Test 3: Check for any potential mount path related configurations
rg -A 3 "mountPath|DASHMATE_HOME"

Length of output: 6258

---

Script:

#!/bin/bash
# Check the context of DASHMATE_HELPER usage in helper.js
rg -A 5 "isHelper.*true" "packages/dashmate/scripts/helper.js"

# Check if there are any other files that might be using isHelper for configuration
rg "isHelper" --type js

Length of output: 685