-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
getjerry customize branch #1
base: master
Are you sure you want to change the base?
Changes from 28 commits
8bde676
43bd780
324f0b6
682e4e8
ff74a64
43749bb
e60a25e
f7ff383
b96e23c
42a3469
aaee599
0ad3169
1591e4d
34ba83f
b436eb6
218c791
331f64d
e5b19ac
f1a84c3
110ad03
fe01adb
b08be7b
c469855
9cbd369
70f1c43
d0aa19e
f19e14a
0673161
c82e24b
52f3ce3
32584cf
64a546a
6243f1b
e53eacb
5ed7200
c1b8f31
a7c5846
7b8fcc1
2b78518
3dd2d9f
da66a09
d7cb5ed
66afafa
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
@@ -82,7 +82,9 @@ def wait_applying(self, startup: bool = False): | |||||||||||||
i = 0 | ||||||||||||||
while i < 60: | ||||||||||||||
curr_changes = self._db.check_changes() | ||||||||||||||
self.__logger.info(f"current changed: {curr_changes}") | ||||||||||||||
first_config_saved = self._db.is_first_config_saved() | ||||||||||||||
self.__logger.info(f"first config saved: {first_config_saved}") | ||||||||||||||
Comment on lines
+85
to
+87
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Improve logging implementation for better security and clarity. While adding logging for debugging is valuable, the current implementation could be enhanced:
Apply this diff to improve the logging implementation: - self.__logger.info(f"current changed: {curr_changes}")
+ self.__logger.debug(f"Current changes detected: {list(curr_changes.keys()) if isinstance(curr_changes, dict) else 'error'}")
- self.__logger.info(f"first config saved: {first_config_saved}")
+ self.__logger.debug(f"First configuration saved status: {first_config_saved}") This change:
📝 Committable suggestion
Suggested change
|
||||||||||||||
if isinstance(curr_changes, str): | ||||||||||||||
if not startup: | ||||||||||||||
self.__logger.error(f"An error occurred when checking for changes in the database : {curr_changes}") | ||||||||||||||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,11 +19,13 @@ WORKDIR /usr/share/bunkerweb | |
# Copy python requirements | ||
COPY src/deps/requirements.txt /tmp/requirements-deps.txt | ||
COPY src/common/gen/requirements.txt deps/requirements-gen.txt | ||
COPY src/common/db/requirements.txt deps/requirements-db.txt | ||
|
||
# Install python requirements | ||
RUN export MAKEFLAGS="-j$(nproc)" && \ | ||
pip install --break-system-packages --no-cache-dir --require-hashes --ignore-installed -r /tmp/requirements-deps.txt && \ | ||
pip install --break-system-packages --no-cache-dir --require-hashes --target deps/python -r deps/requirements-gen.txt | ||
pip install --break-system-packages --no-cache-dir --require-hashes --target deps/python -r deps/requirements-gen.txt && \ | ||
pip install --break-system-packages --no-cache-dir --require-hashes --target deps/python -r deps/requirements-db.txt | ||
Comment on lines
+27
to
+28
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 💡 Codebase verification Requirements files with hashes not found The Dockerfile references
🔗 Analysis chainVerify requirements file hash consistency Since Let's verify the hash specifications in all requirements files: Also applies to: 22-22 Let's verify the specific requirements files mentioned in the Dockerfile: Let's try to locate these files first since the paths might be different: 🏁 Scripts executedThe following scripts were executed for the analysis: Script: #!/bin/bash
# Check if all requirements files contain hash specifications
for req in $(fd requirements.txt); do
echo "=== $req ==="
if ! grep -q "sha256:" "$req"; then
echo "WARNING: No hash specifications found in $req"
fi
done
Length of output: 13044 Script: #!/bin/bash
echo "=== deps/requirements-gen.txt ==="
cat src/bw/deps/requirements-gen.txt
echo -e "\n=== deps/requirements-db.txt ==="
cat src/bw/deps/requirements-db.txt
Length of output: 363 Script: #!/bin/bash
# Find requirements files with -gen and -db in their names
echo "=== Looking for *requirements*gen*.txt files ==="
fd -t f "requirements.*gen.*txt"
echo -e "\n=== Looking for *requirements*db*.txt files ==="
fd -t f "requirements.*db.*txt"
# Also check the directory structure around the Dockerfile
echo -e "\n=== Directory structure around Dockerfile ==="
ls -la "$(dirname $(fd Dockerfile | grep src/bw/Dockerfile))"
Length of output: 881 |
||
|
||
# Copy files | ||
# can't exclude deps from . so we are copying everything by hand | ||
|
@@ -36,6 +38,7 @@ COPY src/common/cli cli | |
COPY src/common/confs confs | ||
COPY src/common/core core | ||
COPY src/common/gen gen | ||
COPY src/common/db db | ||
COPY src/common/helpers helpers | ||
COPY src/common/settings.json settings.json | ||
COPY src/common/utils utils | ||
|
This file was deleted.
Original file line number | Diff line number | Diff line change | ||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
@@ -0,0 +1,19 @@ | ||||||||||||||||||||||||||||||||||||
#!/bin/bash | ||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||
if [ ! -f /var/run/bunkerweb/nginx.pid ] ; then | ||||||||||||||||||||||||||||||||||||
exit 1 | ||||||||||||||||||||||||||||||||||||
fi | ||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||
check="$(curl -s -H "Host: healthcheck.bunkerweb.io" http://127.0.0.1:6000/healthz 2>&1)" | ||||||||||||||||||||||||||||||||||||
# shellcheck disable=SC2181 | ||||||||||||||||||||||||||||||||||||
if [ $? -ne 0 ] || [ "$check" != "ok" ] ; then | ||||||||||||||||||||||||||||||||||||
exit 1 | ||||||||||||||||||||||||||||||||||||
fi | ||||||||||||||||||||||||||||||||||||
Comment on lines
+7
to
+11
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Add timeout to health check and consider configurable host. The health check could hang indefinitely without a timeout. Also, the hardcoded host header might not be suitable for all environments. Apply this diff to add timeout and make the host configurable: -check="$(curl -s -H "Host: healthcheck.bunkerweb.io" http://127.0.0.1:6000/healthz 2>&1)"
+HEALTH_CHECK_HOST=${HEALTH_CHECK_HOST:-"healthcheck.bunkerweb.io"}
+check="$(curl -s --max-time 5 -H "Host: ${HEALTH_CHECK_HOST}" http://127.0.0.1:6000/healthz 2>&1)"
# shellcheck disable=SC2181
if [ $? -ne 0 ] || [ "$check" != "ok" ] ; then
+ echo "Health check failed: ${check}"
exit 1
fi 📝 Committable suggestion
Suggested change
|
||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||
# check IS_LOADING | ||||||||||||||||||||||||||||||||||||
VAR_FILE=/etc/nginx/variables.env | ||||||||||||||||||||||||||||||||||||
if grep -q "IS_LOADING=yes" "$VAR_FILE"; then | ||||||||||||||||||||||||||||||||||||
echo "pod is loading, waiting..." | ||||||||||||||||||||||||||||||||||||
exit 1 | ||||||||||||||||||||||||||||||||||||
fi | ||||||||||||||||||||||||||||||||||||
Comment on lines
+13
to
+18
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Fix indentation and add error handling for missing file. The code has inconsistent indentation and lacks error handling for the case when the variables file doesn't exist. Apply this diff to fix these issues: # check IS_LOADING
VAR_FILE=/etc/nginx/variables.env
+if [ ! -f "$VAR_FILE" ]; then
+ echo "Error: Variables file not found: $VAR_FILE"
+ exit 1
+fi
+
if grep -q "IS_LOADING=yes" "$VAR_FILE"; then
echo "pod is loading, waiting..."
- exit 1
+ exit 1
fi 📝 Committable suggestion
Suggested change
|
||||||||||||||||||||||||||||||||||||
exit 0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🛠️ Refactor suggestion
Consider adjusting logging approach for better production readiness
While adding visibility is good, the current logging implementation could be improved:
Apply this diff to improve the logging implementation:
📝 Committable suggestion