Patch 1 #6
Just a line to run frontend tests
Umm... did someone forget to read the style guide? Fix that PR title and let's try again! @Ashu407
Walkthrough
Adds automation scripts to update environment URLs, introduces Jenkins CI and GitOps pipelines, adds Dockerfiles and docker-compose, creates Kubernetes manifests for frontend, backend, MongoDB, and Redis, and updates documentation. New environment files for frontend and backend are included.
Sequence Diagram(s)
sequenceDiagram
autonumber
actor Dev as Developer
participant J as Jenkins (CI)
participant Repo as Git Repo
participant Sec as Security Tools
participant SQ as SonarQube
participant D as Docker Engine
participant DH as DockerHub
participant CD as Jenkins (CD)
Dev->>J: Push triggers CI pipeline
J->>Repo: Checkout source
J->>Sec: Run OWASP/Trivy scans
J->>SQ: Sonar scan & quality gate
J->>D: Build backend image
J->>D: Build frontend image
J->>DH: Push images (tags)
J->>CD: Trigger downstream CD with tags
sequenceDiagram
autonumber
actor Ops as Operator
participant JG as Jenkins (GitOps)
participant Repo as GitOps Repo
participant K8s as Kubernetes Manifests
Ops->>JG: Start GitOps job with tags
JG->>Repo: Checkout manifests
JG->>K8s: sed replace image tags in backend.yaml/frontend.yaml
JG->>Repo: Commit & push to devops branch
sequenceDiagram
autonumber
actor Admin as Admin
participant Sh as update*\.sh
participant AWS as AWS Metadata/CLI
participant FS as .env.docker
Admin->>Sh: Run script
Sh->>AWS: Get public IPv4
Sh->>FS: Read current value
alt Already matches
Sh-->>Admin: Notice and exit (-1)
else Needs update
Sh->>FS: sed replace target URL
Sh-->>Admin: Success message
end
Estimated code review effort
🎯 4 (Complex) | ⏱️ ~60 minutes
Pre-merge checks and finishing touches
❌ Failed checks (3 warnings, 1 inconclusive)
✅ Passed checks (1 passed)
Umm... did someone forget to read the style guide? Fix that PR title and let's try again! @coderabbitai[bot]
The author of this PR is on the CodeRabbit Free Plan. In order to use the Chat feature, please upgrade the PR author to CodeRabbit Pro by visiting https://app.coderabbit.ai/login.
Actionable comments posted: 19
🧹 Nitpick comments (17)
kubernetes/assets/README.md (1)
1-1: Empty README: either populate with purpose/guidelines or replace with .gitkeep
An empty README adds churn without value. Either:
- Add a brief description of what assets go here and naming/usage conventions (link to kubernetes/README.md), or
- Replace with a .gitkeep if the goal is to keep the directory tracked.
Example minimal content:
- +# Kubernetes assets + +This folder stores diagrams/screenshots referenced by Kubernetes docs/manifests. + +Guidelines: +- Use kebab-case filenames (no spaces); prefer SVG/PNG, include source files (e.g., .drawio). +- Keep files small; avoid committing large binaries. +- Refer to assets from kubernetes/README.md with relative paths.backend/.env.sample (1)
1-2: Align REDIS_URL format with backend/.env.docker and drop quotes
Use a URI with scheme for consistency and avoid quotes to satisfy dotenv lint.
-MONGODB_URI="mongodb://127.0.0.1/wanderlust" -REDIS_URL="127.0.0.1:6379" +MONGODB_URI=mongodb://127.0.0.1/wanderlust +REDIS_URL=redis://127.0.0.1:6379Automations/updatefrontendnew.sh (1)
1-34: Harden script: correct exit code, robust matching, quoting, and error checks
Current issues: exit -1, brittle file comparison, unquoted vars, no failure checks, hard-coded instance id.
#!/bin/bash +set -euo pipefail @@ -INSTANCE_ID="i-0c7c9d3d4e8c3a012" +INSTANCE_ID="${INSTANCE_ID:-i-0c7c9d3d4e8c3a012}" # allow override via env/arg @@ -ipv4_address=$(aws ec2 describe-instances --instance-ids $INSTANCE_ID --query 'Reservations[0].Instances[0].PublicIpAddress' --output text) +ipv4_address="$(aws ec2 describe-instances --instance-ids "${INSTANCE_ID}" --query 'Reservations[0].Instances[0].PublicIpAddress' --output text)" +if [[ -z "${ipv4_address}" || "${ipv4_address}" == "None" ]]; then + echo -e "${RED}ERROR: Could not resolve public IPv4 for instance ${INSTANCE_ID}${NC}" + exit 1 +fi @@ -file_to_find="../frontend/.env.docker" -alreadyUpdate=$(cat ../frontend/.env.docker) +file_to_find="../frontend/.env.docker" +current_line="$(sed -n 's/^VITE_API_PATH=.*/&/p' "${file_to_find}" || true)" @@ -if [[ "${alreadyUpdate}" == "VITE_API_PATH=\"http://${ipv4_address}:31100\"" ]] +if [[ "${current_line}" == "VITE_API_PATH=\"http://${ipv4_address}:31100\"" ]] then echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}" - exit -1; + exit 0 else - if [ -f ${file_to_find} ] + if [ -f "${file_to_find}" ] then echo -e "${GREEN}${file_to_find}${NC} found.." echo -e "${YELLOW}Configuring env variables in ${NC} ${file_to_find}" - sleep 7s; - sed -i -e "s|VITE_API_PATH.*|VITE_API_PATH=\"http://${ipv4_address}:31100\"|g" ${file_to_find} + sed -i -e "s|^VITE_API_PATH.*|VITE_API_PATH=\"http://${ipv4_address}:31100\"|g" "${file_to_find}" echo -e "${GREEN}env variables configured..${NC}" else echo -e "${RED}ERROR : File not found..${NC}" + exit 1 fi fiAlso consider accepting INSTANCE_ID as a positional arg and validating AWS CLI presence.
Based on ShellCheck hint SC2242.
Automations/updatebackendnew.sh (1)
1-36: Make update resilient: robust FRONTEND_URL detection, safe exits, quoting, and checks
Reading “line 4” is brittle; use key match. Fix exit code and quoting; handle missing IP and file.
#!/bin/bash +set -euo pipefail @@ -INSTANCE_ID="i-0c7c9d3d4e8c3a012" +INSTANCE_ID="${INSTANCE_ID:-i-0c7c9d3d4e8c3a012}" @@ -ipv4_address=$(aws ec2 describe-instances --instance-ids $INSTANCE_ID --query 'Reservations[0].Instances[0].PublicIpAddress' --output text) +ipv4_address="$(aws ec2 describe-instances --instance-ids "${INSTANCE_ID}" --query 'Reservations[0].Instances[0].PublicIpAddress' --output text)" +if [[ -z "${ipv4_address}" || "${ipv4_address}" == "None" ]]; then + echo -e "${RED}ERROR: Could not resolve public IPv4 for instance ${INSTANCE_ID}${NC}" + exit 1 +fi @@ -file_to_find="../backend/.env.docker" -alreadyUpdate=$(sed -n "4p" ../backend/.env.docker) +file_to_find="../backend/.env.docker" +current_line="$(sed -n 's/^FRONTEND_URL=.*/&/p' "${file_to_find}" || true)" @@ -if [[ "${alreadyUpdate}" == "FRONTEND_URL=\"http://${ipv4_address}:5173\"" ]] +if [[ "${current_line}" == "FRONTEND_URL=\"http://${ipv4_address}:5173\"" ]] then echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}" - exit -1; + exit 0 else - if [ -f ${file_to_find} ] + if [ -f "${file_to_find}" ] then echo -e "${GREEN}${file_to_find}${NC} found.." echo -e "${YELLOW}Configuring env variables in ${NC} ${file_to_find}" - sleep 7s; - sed -i -e "s|FRONTEND_URL.*|FRONTEND_URL=\"http://${ipv4_address}:5173\"|g" ${file_to_find} + sed -i -e "s|^FRONTEND_URL.*|FRONTEND_URL=\"http://${ipv4_address}:5173\"|g" "${file_to_find}" echo -e "${GREEN}env variables configured..${NC}" else echo -e "${RED}ERROR : File not found..${NC}" + exit 1 fi fiRemove the unused “Use curl to fetch the public IPv4 address” comment.
Based on ShellCheck hint SC2242.
frontend/.env.docker (1)
1-1: Avoid hard-coded IP; prefer service DNS or placeholder and drop quotes
To reduce churn and align with Compose networking, point to the backend service name or use a placeholder updated by your scripts.
-VITE_API_PATH="http://13.52.243.88:31100" +VITE_API_PATH=http://backend:8080 +# or keep a placeholder and run Automations/updatefrontendnew.sh to inject the host IP: +# VITE_API_PATH=http://<your-host-ip>:31100backend/Dockerfile (1)
7-15: Slim final image; avoid carrying dev deps and test artifacts
Current COPY from builder brings node_modules (incl. devDeps) and test artifacts. Prefer production install in the final stage.
Apply:
-# packages install -RUN npm i -# tests -RUN npm run test +RUN npm ci +RUN npm test @@ -FROM node:21-slim +FROM node:21-slim @@ -COPY --from=backend-builder /app . +# Install only prod deps in runtime +COPY package*.json ./ +RUN npm ci --omit=dev +# Copy app source (adjust if using build artifacts) +COPY . .Optionally set:
+ENV NODE_ENV=productionAlso applies to: 23-24
kubernetes/backend.yaml (1)
18-24: Harden pod and add health probes + resources
Add securityContext, readiness/liveness probes, and resource requests/limits. This improves safety and rollout behavior.
Apply:
containers: - name: backend image: madhupdevops/wanderlust-backend-beta:v2.1.0 + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + resources: + requests: + cpu: "100m" + memory: "128Mi" + limits: + cpu: "500m" + memory: "512Mi" + readinessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 15 + periodSeconds: 20 ports: - containerPort: 8080frontend/Dockerfile (1)
13-13: Minor: use canonical Dockerfile instruction casing
Use RUN (uppercase) for consistency.
-Run npm run test +RUN npm testkubernetes/frontend.yaml (1)
18-24: Harden pod and add probes/resources
Add least-privilege securityContext, readiness/liveness probes, and resource requests/limits.
Apply:
containers: - name: frontend image: madhupdevops/wanderlust-frontend-beta:v2.1.0 + securityContext: + runAsNonRoot: true + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + resources: + requests: + cpu: "50m" + memory: "64Mi" + limits: + cpu: "300m" + memory: "256Mi" + readinessProbe: + httpGet: + path: / + port: 5173 + initialDelaySeconds: 5 + periodSeconds: 10 + livenessProbe: + httpGet: + path: / + port: 5173 + initialDelaySeconds: 15 + periodSeconds: 20 ports: - containerPort: 5173docker-compose.yml (1)
29-37: Nit: unnecessary dependency and exposure
redis doesn’t depend on mongodb; remove depends_on. Use ports if you need host access; expose is service-internal only.
Apply:
- expose: - - 6379 - depends_on: - - mongodb + ports: + - "6379:6379"GitOps/Jenkinsfile (2)
56-72: Improve commit metadata and robustness
Set user.name/email before commit; clearer message; push same branch explicitly.
Apply:
- git commit -m "Updated environment variables" + git config user.email "ci@your-org.example" + git config user.name "Wanderlust CI Bot" + git commit -m "GitOps: update k8s image tags (fe=${params.FRONTEND_DOCKER_TAG}, be=${params.BACKEND_DOCKER_TAG})" @@ - git push https://github.com/DevMadhup/wanderlust.git devops + git push https://github.com/DevMadhup/wanderlust.git HEAD:devops
27-34: Sanity log: echoing tags only—consider validating non-empty values
Fail early if tags are empty.
Apply:
- echo "FRONTEND_DOCKER_TAG: ${params.FRONTEND_DOCKER_TAG}" - echo "BACKEND_DOCKER_TAG: ${params.BACKEND_DOCKER_TAG}" + if [ -z "${params.FRONTEND_DOCKER_TAG}" ] || [ -z "${params.BACKEND_DOCKER_TAG}" ]; then + error "FRONTEND_DOCKER_TAG and BACKEND_DOCKER_TAG must be provided" + fi + echo "FRONTEND_DOCKER_TAG: ${params.FRONTEND_DOCKER_TAG}" + echo "BACKEND_DOCKER_TAG: ${params.BACKEND_DOCKER_TAG}"Automations/updateFrontend.sh (1)
4-9: Quote paths/vars and anchor sed; append if key missing; drop arbitrary sleep
- Quote ${file_to_find} to avoid word-splitting.
- Anchor the pattern to start of line to prevent accidental replacements.
- If VITE_API_PATH isn’t present, append it instead of no-op.
- Remove
sleep 7s; it needlessly slows CI.-file_to_find="../frontend/.env.docker" -alreadyUpdate=$(cat ../frontend/.env.docker) +file_to_find="../frontend/.env.docker" +alreadyUpdate=$(grep -E '^VITE_API_PATH=' "${file_to_find}" 2>/dev/null || true) @@ - if [ -f ${file_to_find} ] + if [ -f "${file_to_find}" ] then - echo -e "${GREEN}${file_to_find}${NC} found.." - echo -e "${YELLOW}Configuring env variables in ${NC} ${file_to_find}" - sleep 7s; - sed -i -e "s|VITE_API_PATH.*|VITE_API_PATH=\"http://${ipv4_address}:31100\"|g" ${file_to_find} - echo -e "${GREEN}env variables configured..${NC}" + echo -e "${GREEN}${file_to_find}${NC} found.." + echo -e "${YELLOW}Configuring env variables in ${NC} ${file_to_find}" + if grep -qE '^VITE_API_PATH=' "${file_to_find}"; then + sed -i -e "s|^VITE_API_PATH=.*|VITE_API_PATH=\"http://${ipv4_address}:31100\"|g" "${file_to_find}" + else + printf '\nVITE_API_PATH="http://%s:31100"\n' "${ipv4_address}" >> "${file_to_find}" + fi + echo -e "${GREEN}env variables configured..${NC}" else - echo -e "${RED}ERROR : File not found..${NC}" + echo -e "${RED}ERROR : File not found: ${file_to_find}${NC}" fiAlso applies to: 21-30
Jenkinsfile (1)
87-106: Use unique, immutable tags to avoid overwrites and enable traceability
test-image-donot-use is mutable and non-unique. Prefer tags with BUILD_NUMBER/GIT_COMMIT and pass them downstream.
def tag = "${env.BUILD_NUMBER}-${env.GIT_COMMIT?.take(7) ?: 'local'}"
docker_build("backend-wanderlust", tag, "madhupdevops")
docker_build("frontend-wanderlust", tag, "madhupdevops")
docker_push("backend-wanderlust", tag, "madhupdevops")
docker_push("frontend-wanderlust", tag, "madhupdevops")
...
build job: "Wanderlust-CD", parameters: [
    string(name: 'FRONTEND_DOCKER_TAG', value: tag),
    string(name: 'BACKEND_DOCKER_TAG', value: tag)
]
Also applies to: 111-118
Automations/updateBackend.sh (1)
4-9: Avoid line-number dependency; quote paths; anchor sed; append if missing; remove sleep
- sed -n "4p" is brittle. Parse by key name.
- Quote ${file_to_find}.
- Anchor ^FRONTEND_URL=; append if missing.
- Drop
sleep 7s.-file_to_find="../backend/.env.docker" -alreadyUpdate=$(sed -n "4p" ../backend/.env.docker) +file_to_find="../backend/.env.docker" +alreadyUpdate=$(grep -E '^FRONTEND_URL=' "${file_to_find}" 2>/dev/null || true) @@ - if [ -f ${file_to_find} ] + if [ -f "${file_to_find}" ] then echo -e "${GREEN}${file_to_find}${NC} found.." echo -e "${YELLOW}Configuring env variables in ${NC} ${file_to_find}" - sleep 7s; - sed -i -e "s|FRONTEND_URL.*|FRONTEND_URL=\"http://${ipv4_address}:5173\"|g" ${file_to_find} + if grep -qE '^FRONTEND_URL=' "${file_to_find}"; then + sed -i -e "s|^FRONTEND_URL=.*|FRONTEND_URL=\"http://${ipv4_address}:5173\"|g" "${file_to_find}" + else + printf '\nFRONTEND_URL="http://%s:5173"\n' "${ipv4_address}" >> "${file_to_find}" + fi echo -e "${GREEN}env variables configured..${NC}" else - echo -e "${RED}ERROR : File not found..${NC}" + echo -e "${RED}ERROR : File not found: ${file_to_find}${NC}" fiAlso applies to: 21-30
kubernetes/README.md (1)
1-191: Tidy Markdown headings and make asset links branch‑agnostic
- Fix heading levels (increment by one) and avoid duplicate “#” headings flagged by markdownlint.
- Use relative image links or point to a stable path (main) to avoid broken images when branches change.
Examples:
- Change repeated “#” dividers to plain text or horizontal rules.
- Replace absolute GitHub blob URLs with ./assets/... and ensure assets sit alongside the README.
kubernetes/mongodb.yaml (1)
19-31: Harden the MongoDB pod: run as non‑root, disable privilege escalation, add resources and probes
Address the flagged K8s security findings and improve reliability.
spec: containers: - name: mongo - image: mongo + image: mongo:6.0 ports: - containerPort: 27017 + securityContext: + runAsNonRoot: true + runAsUser: 999 + runAsGroup: 999 + allowPrivilegeEscalation: false + seccompProfile: + type: RuntimeDefault + capabilities: + drop: ["ALL"] + resources: + requests: + cpu: "100m" + memory: "256Mi" + limits: + cpu: "500m" + memory: "512Mi" + livenessProbe: + tcpSocket: + port: 27017 + initialDelaySeconds: 20 + periodSeconds: 10 + readinessProbe: + exec: + command: ["mongosh", "--quiet", "--eval", "db.adminCommand('ping')"] + initialDelaySeconds: 20 + periodSeconds: 10 volumeMounts: - name: mongo-storage mountPath: /data/dbNote: Ensure
mongo-pvc exists in the same namespace (wanderlust) before applying this Deployment.
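Review bot: The `readinessProbe` in the MongoDB hunk runs `mongosh` every 10 seconds with no `timeoutSeconds`, so the Kubernetes default of 1 second applies; starting mongosh under the `cpu: "500m"` limit set in the same hunk can take longer than that and leave the pod flapping between ready and unready. Set `timeoutSeconds` explicitly on the exec probe, or reuse the `tcpSocket` check the liveness probe already has. The image change to `mongo:6.0` is still a moving tag; pinning a patch version or digest would make rollouts reproducible.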
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
⛔ Files ignored due to path filters (19)
- kubernetes/assets/all-deps.png is excluded by !**/*.png
- kubernetes/assets/app.png is excluded by !**/*.png
- kubernetes/assets/backend.env.docker.png is excluded by !**/*.png
- kubernetes/assets/backend.png is excluded by !**/*.png
- kubernetes/assets/context wanderlust.png is excluded by !**/*.png
- kubernetes/assets/docker backend build.png is excluded by !**/*.png
- kubernetes/assets/docker frontend build.png is excluded by !**/*.png
- kubernetes/assets/docker images.png is excluded by !**/*.png
- kubernetes/assets/docker login.png is excluded by !**/*.png
- kubernetes/assets/edit-coredns.png is excluded by !**/*.png
- kubernetes/assets/frontend.env.docker.png is excluded by !**/*.png
- kubernetes/assets/frontend.png is excluded by !**/*.png
- kubernetes/assets/get-coredns.png is excluded by !**/*.png
- kubernetes/assets/mongo.png is excluded by !**/*.png
- kubernetes/assets/namespace create.png is excluded by !**/*.png
- kubernetes/assets/nodes.png is excluded by !**/*.png
- kubernetes/assets/pv.png is excluded by !**/*.png
- kubernetes/assets/pvc.png is excluded by !**/*.png
- kubernetes/assets/redis.png is excluded by !**/*.png
📒 Files selected for processing (23)
- Automations/updateBackend.sh (1 hunks)
- Automations/updateFrontend.sh (1 hunks)
- Automations/updatebackendnew.sh (1 hunks)
- Automations/updatefrontendnew.sh (1 hunks)
- GitOps/Jenkinsfile (1 hunks)
- Jenkinsfile (1 hunks)
- README.md (1 hunks)
- backend/.env.docker (1 hunks)
- backend/.env.sample (1 hunks)
- backend/Dockerfile (1 hunks)
- docker-compose.yml (1 hunks)
- frontend/.env.docker (1 hunks)
- frontend/.env.sample (1 hunks)
- frontend/Dockerfile (1 hunks)
- kubernetes/README.md (1 hunks)
- kubernetes/assets/README.md (1 hunks)
- kubernetes/backend.yaml (1 hunks)
- kubernetes/frontend.yaml (1 hunks)
- kubernetes/kubeadm.md (1 hunks)
- kubernetes/mongodb.yaml (1 hunks)
- kubernetes/persistentVolume.yaml (1 hunks)
- kubernetes/persistentVolumeClaim.yaml (1 hunks)
- kubernetes/redis.yaml (1 hunks)
🧰 Additional context used
🪛 Checkov (3.2.334)
kubernetes/backend.yaml
[medium] 1-24: Containers should not run with allowPrivilegeEscalation
(CKV_K8S_20)
[medium] 1-24: Minimize the admission of root containers
(CKV_K8S_23)
kubernetes/frontend.yaml
[medium] 1-24: Containers should not run with allowPrivilegeEscalation
(CKV_K8S_20)
[medium] 1-24: Minimize the admission of root containers
(CKV_K8S_23)
kubernetes/redis.yaml
[medium] 1-31: Containers should not run with allowPrivilegeEscalation
(CKV_K8S_20)
[medium] 1-31: Minimize the admission of root containers
(CKV_K8S_23)
kubernetes/mongodb.yaml
[medium] 1-32: Containers should not run with allowPrivilegeEscalation
(CKV_K8S_20)
[medium] 1-32: Minimize the admission of root containers
(CKV_K8S_23)
🪛 dotenv-linter (3.3.0)
backend/.env.docker
[warning] 1-1: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 2-2: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 3-3: [UnorderedKey] The PORT key should go before the REDIS_URL key
(UnorderedKey)
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 4-4: [UnorderedKey] The FRONTEND_URL key should go before the MONGODB_URI key
(UnorderedKey)
[warning] 5-5: [UnorderedKey] The ACCESS_COOKIE_MAXAGE key should go before the FRONTEND_URL key
(UnorderedKey)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [UnorderedKey] The ACCESS_TOKEN_EXPIRES_IN key should go before the FRONTEND_URL key
(UnorderedKey)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [UnorderedKey] The JWT_SECRET key should go before the MONGODB_URI key
(UnorderedKey)
[warning] 10-10: [UnorderedKey] The NODE_ENV key should go before the PORT key
(UnorderedKey)
frontend/.env.sample
[warning] 1-1: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
frontend/.env.docker
[warning] 1-1: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
backend/.env.sample
[warning] 2-2: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
🪛 Gitleaks (8.28.0)
backend/.env.docker
[high] 9-9: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🪛 markdownlint-cli2 (0.18.1)
kubernetes/kubeadm.md
1-1: Multiple spaces after hash on atx style heading
(MD019, no-multiple-space-atx)
kubernetes/README.md
3-3: Heading levels should only increment by one level at a time
Expected: h2; Actual: h3
(MD001, heading-increment)
17-17: Multiple headings with the same content
(MD024, no-duplicate-heading)
23-23: Multiple headings with the same content
(MD024, no-duplicate-heading)
30-30: Multiple headings with the same content
(MD024, no-duplicate-heading)
37-37: Multiple headings with the same content
(MD024, no-duplicate-heading)
44-44: Multiple headings with the same content
(MD024, no-duplicate-heading)
63-63: Multiple headings with the same content
(MD024, no-duplicate-heading)
69-69: Multiple headings with the same content
(MD024, no-duplicate-heading)
76-76: Multiple headings with the same content
(MD024, no-duplicate-heading)
83-83: Multiple headings with the same content
(MD024, no-duplicate-heading)
89-89: Multiple headings with the same content
(MD024, no-duplicate-heading)
100-100: Multiple headings with the same content
(MD024, no-duplicate-heading)
107-107: Multiple headings with the same content
(MD024, no-duplicate-heading)
114-114: Multiple headings with the same content
(MD024, no-duplicate-heading)
126-126: Multiple headings with the same content
(MD024, no-duplicate-heading)
132-132: Multiple headings with the same content
(MD024, no-duplicate-heading)
172-172: Multiple headings with the same content
(MD024, no-duplicate-heading)
191-191: Multiple headings with the same content
(MD024, no-duplicate-heading)
🪛 Shellcheck (0.11.0)
Automations/updateFrontend.sh
[error] 19-19: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
Automations/updatebackendnew.sh
[error] 24-24: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
Automations/updateBackend.sh
[error] 19-19: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
Automations/updatefrontendnew.sh
[error] 22-22: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
🔇 Additional comments (1)
frontend/.env.sample (1)
1-1: Remove unnecessary quotes from VITE_API_PATH in .env.sample
Unquoted values avoid dotenv-linter warnings and simplify sed-based updates. Aligns with .env.docker.
Apply this diff:
-VITE_API_PATH="http://localhost:5000" +VITE_API_PATH=http://localhost:5000Manually verify any automation or deployment scripts referencing VITE_API_PATH handle unquoted values correctly.
| # Use curl to fetch the public IPv4 address from the metadata service | ||
| ipv4_address=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) | ||
|
|
||
| echo -e " ${GREEN}System Public Ipv4 address ${NC} : ${ipv4_address}" | ||
|
|
Validate IPv4 and add curl timeouts; abort safely if unavailable
Prevent writing an empty IP to the env file when metadata is unreachable.
-ipv4_address=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4)
+ipv4_address=$(curl -s --connect-timeout 2 -m 4 http://169.254.169.254/latest/meta-data/public-ipv4 || true)
+if [ -z "${ipv4_address}" ]; then
+ echo -e "${RED}ERROR: Could not determine public IPv4 (metadata unavailable). Aborting without changes.${NC}"
+ exit 1
+fi🤖 Prompt for AI Agents
In Automations/updateBackend.sh around lines 11 to 15, the script fetches the
public IPv4 without timeouts or validation and may write an empty value; update
the curl invocation to include sensible timeouts (e.g. --connect-timeout and
--max-time) and capture curl exit status, then validate the result against a
simple IPv4 regex (or use getent/hostname -I if available); if the result is
empty or fails validation, print an error and exit non‑zero without modifying
the env file, otherwise continue and write the validated IPv4.
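Review bot: On the new `curl` line, `-s` without `-f` means an HTTP error from the metadata endpoint still exits 0 and its response body ends up in `ipv4_address`, so the `[ -z "${ipv4_address}" ]` guard passes and that text would be written into the env file. Add `-f` so an error yields no output and a non-zero status, drop the `|| true` in favour of an explicit failure branch, and match the value against a dotted-quad pattern before it is used.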
| if [[ "${alreadyUpdate}" == "FRONTEND_URL=\"http://${ipv4_address}:5173\"" ]] | ||
| then | ||
| echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}" | ||
| exit -1; | ||
| else |
Non‑zero exit on idempotent run will break Jenkins
exit -1 yields 255 and fails the stage when no change is needed. Return 0 for “already updated.”
- echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}"
- exit -1;
+ echo -e "${YELLOW}${file_to_find} already matches current IPv4. No changes.${NC}"
+ exit 0📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| if [[ "${alreadyUpdate}" == "FRONTEND_URL=\"http://${ipv4_address}:5173\"" ]] | |
| then | |
| echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}" | |
| exit -1; | |
| else | |
| if [[ "${alreadyUpdate}" == "FRONTEND_URL=\"http://${ipv4_address}:5173\"" ]] | |
| then | |
| echo -e "${YELLOW}${file_to_find} already matches current IPv4. No changes.${NC}" | |
| exit 0 | |
| else |
🧰 Tools
🪛 Shellcheck (0.11.0)
[error] 19-19: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
🤖 Prompt for AI Agents
In Automations/updateBackend.sh around lines 16 to 20, the script exits with
exit -1 (which becomes 255) when the file is already updated; change this to
exit 0 so an idempotent run returns success for CI. Update the branch to echo
the "already updated" message and then call exit 0 (remove the unnecessary
semicolon) so Jenkins stages don't fail when no change is required.
| # Use curl to fetch the public IPv4 address from the metadata service | ||
| ipv4_address=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) | ||
|
|
||
| echo -e " ${GREEN}System Public Ipv4 address ${NC} : ${ipv4_address}" | ||
|
|
Harden IPv4 retrieval (timeout + fail if empty; IMDSv2 preferred)
Add curl timeouts and validate the value before proceeding. If empty, abort without touching the file. Consider IMDSv2 when on AWS.
-# Use curl to fetch the public IPv4 address from the metadata service
-ipv4_address=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4)
+## Fetch public IPv4 (AWS IMDS). Use timeouts; abort if empty.
+ipv4_address=$(curl -s --connect-timeout 2 -m 4 http://169.254.169.254/latest/meta-data/public-ipv4 || true)
+if [ -z "${ipv4_address}" ]; then
+ echo -e "${RED}ERROR: Could not determine public IPv4 (metadata unavailable). Aborting without changes.${NC}"
+ exit 1
+fi📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| # Use curl to fetch the public IPv4 address from the metadata service | |
| ipv4_address=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4) | |
| echo -e " ${GREEN}System Public Ipv4 address ${NC} : ${ipv4_address}" | |
| ## Fetch public IPv4 (AWS IMDS). Use timeouts; abort if empty. | |
| ipv4_address=$(curl -s --connect-timeout 2 -m 4 http://169.254.169.254/latest/meta-data/public-ipv4 || true) | |
| if [ -z "${ipv4_address}" ]; then | |
| echo -e "${RED}ERROR: Could not determine public IPv4 (metadata unavailable). Aborting without changes.${NC}" | |
| exit 1 | |
| fi | |
| echo -e " ${GREEN}System Public Ipv4 address ${NC} : ${ipv4_address}" |
🤖 Prompt for AI Agents
In Automations/updateFrontend.sh around lines 11 to 15, the script fetches the
public IPv4 without timeouts, validation or IMDSv2 support; update it to use
IMDSv2 by first requesting a token with a short timeout (curl --connect-timeout
and --max-time), then use that token to query the public-ipv4; if token request
fails, fall back to a timed metadata-v1 call; always check the returned value
and if empty or missing abort the script with a non-zero exit and a clear error
message so the file is not modified.
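Review bot: The comment title says IMDSv2 is preferred, but the replacement on the `ipv4_address=` line is still a token-less IMDSv1 GET. On an instance configured to require session tokens that request is answered with an HTTP error, which this line does not detect because `curl` is run without `-f`. Request a token first (PUT to `/latest/api/token` with the `X-aws-ec2-metadata-token-ttl-seconds` header) and send it as `X-aws-ec2-metadata-token` on the `public-ipv4` request, as the accompanying agent prompt describes.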
| if [[ "${alreadyUpdate}" == "VITE_API_PATH=\"http://${ipv4_address}:31100\"" ]] | ||
| then | ||
| echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}" | ||
| exit -1; | ||
| else |
Do not exit with -1; return success on idempotent run
exit -1 maps to 255 and will fail the Jenkins stage when the file is already updated. Use 0 for idempotent no-op.
Apply:
- echo -e "${YELLOW}${file_to_find} file is already updated to the current host's Ipv4 ${NC}"
- exit -1;
+ echo -e "${YELLOW}${file_to_find} already matches current IPv4. No changes.${NC}"
+ exit 0🧰 Tools
🪛 Shellcheck (0.11.0)
[error] 19-19: Can only exit with status 0-255. Other data should be written to stdout/stderr.
(SC2242)
🤖 Prompt for AI Agents
In Automations/updateFrontend.sh around lines 16 to 20, the script exits with -1
(which becomes 255) when the file is already updated; change that to return
success for an idempotent no-op by replacing exit -1 with exit 0 (or simply
remove the exit to allow normal successful completion), and ensure any
callers/Jenkins see a zero exit code for the already-updated case.
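The checks these review comments ask for (IMDSv2 token, curl timeouts, IPv4 validation, key-anchored match, append when the key is missing, success on a no-op), combined in one POSIX shell script. This is an added example, not code from the PR or from CodeRabbit; the function names are hypothetical, and it deliberately has no IMDSv1 fallback.

```shell
#!/bin/sh
# Added example, not code from the PR. All function names are hypothetical.

# fetch_public_ipv4: IMDSv2 only. -f turns HTTP errors into a failure instead
# of an error body on stdout; the timeouts bound a dead metadata endpoint.
fetch_public_ipv4() {
    base=http://169.254.169.254/latest
    token=$(curl -sf --connect-timeout 2 -m 4 -X PUT \
        -H 'X-aws-ec2-metadata-token-ttl-seconds: 60' \
        "$base/api/token") || return 1
    curl -sf --connect-timeout 2 -m 4 \
        -H "X-aws-ec2-metadata-token: $token" "$base/meta-data/public-ipv4"
}

# is_ipv4 ADDR: true only for four dot-separated octets in 0..255 with no
# leading zeros. Rejects the empty string and error pages alike.
is_ipv4() {
    addr=$1
    case $addr in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $addr            # safe: addr holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# set_env_key FILE KEY VALUE: make FILE contain exactly KEY="VALUE".
# Prints "unchanged" or "updated" and returns 0 in both cases, so a repeat
# run does not fail a CI stage. Returns 1 only on a real error.
set_env_key() {
    file=$1 key=$2 value=$3
    case $key in
        ''|*[!A-Za-z0-9_]*) echo "ERROR: bad key: $key" >&2; return 1 ;;
    esac
    [ -f "$file" ] || { echo "ERROR: file not found: $file" >&2; return 1; }
    wanted="$key=\"$value\""
    # Match by key anchored at line start, never by line number.
    current=$(grep -E "^$key=" "$file" || true)
    if [ "$current" = "$wanted" ]; then
        echo unchanged
        return 0
    fi
    if [ -n "$current" ]; then
        # Escape characters that are special in a sed replacement.
        repl=$(printf '%s' "$wanted" | sed 's/[&|\\]/\\&/g')
        tmp=$(mktemp) || return 1
        # Written back in place so the file keeps its owner and mode.
        if sed -e "s|^$key=.*|$repl|" "$file" > "$tmp" && cat "$tmp" > "$file"
        then rm -f "$tmp"
        else rm -f "$tmp"; return 1
        fi
    else
        # Key missing: append, adding a newline first if the file lacks one.
        [ -z "$(tail -c 1 "$file")" ] || printf '\n' >> "$file"
        printf '%s\n' "$wanted" >> "$file"
    fi
    echo updated
}

# update_env_from_imds FILE KEY PORT: nothing is written unless the address
# was fetched and validated.
update_env_from_imds() {
    file=$1 key=$2 port=$3
    ip=$(fetch_public_ipv4) || {
        echo "ERROR: metadata service unavailable, no changes made" >&2
        return 1
    }
    is_ipv4 "$ip" || {
        echo "ERROR: metadata returned a non-IPv4 value, no changes made" >&2
        return 1
    }
    set_env_key "$file" "$key" "http://$ip:$port"
}

# Only touches the network and the env file when asked to:
#   ./update-env.sh --apply ../backend/.env.docker FRONTEND_URL 5173
if [ "${1:-}" = "--apply" ]; then
    update_env_from_imds "$2" "$3" "$4"
fi
```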
| MONGODB_URI="mongodb://mongo-service/wanderlust" | ||
| REDIS_URL="redis://redis-service:6379" | ||
| PORT=8080 | ||
| FRONTEND_URL="http://13.52.243.88:5173" | ||
| ACCESS_COOKIE_MAXAGE=120000 | ||
| ACCESS_TOKEN_EXPIRES_IN='120s' | ||
| REFRESH_COOKIE_MAXAGE=120000 | ||
| REFRESH_TOKEN_EXPIRES_IN='120s' | ||
| JWT_SECRET=70dd8b38486eee723ce2505f6db06f1ee503fde5eb06fc04687191a0ed665f3f98776902d2c89f6b993b1c579a87fedaf584c693a106f7cbf16e8b4e67e9d6df | ||
| NODE_ENV=Development |
Remove hard-coded JWT secret from repo and use secrets/placeholders
A real-looking JWT_SECRET is committed (detected by gitleaks). This is a security blocker. Replace with a placeholder and inject via secret manager, CI/CD, or a local untracked .env.
-JWT_SECRET=70dd8b38486eee723ce2505f6db06f1ee503fde5eb06fc04687191a0ed665f3f98776902d2c89f6b993b1c579a87fedaf584c693a106f7cbf16e8b4e67e9d6df
+JWT_SECRET=change-meAdditional recommendations:
- Use service DNS names in Docker Compose to avoid IPs, e.g., VITE_API_PATH=http://backend:8080 and FRONTEND_URL=http://frontend:5173.
- Consider NODE_ENV=development or production (lowercase is conventional in Node ecosystems).
- Remove unnecessary quotes in values to satisfy dotenv linters.
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| MONGODB_URI="mongodb://mongo-service/wanderlust" | |
| REDIS_URL="redis://redis-service:6379" | |
| PORT=8080 | |
| FRONTEND_URL="http://13.52.243.88:5173" | |
| ACCESS_COOKIE_MAXAGE=120000 | |
| ACCESS_TOKEN_EXPIRES_IN='120s' | |
| REFRESH_COOKIE_MAXAGE=120000 | |
| REFRESH_TOKEN_EXPIRES_IN='120s' | |
| JWT_SECRET=70dd8b38486eee723ce2505f6db06f1ee503fde5eb06fc04687191a0ed665f3f98776902d2c89f6b993b1c579a87fedaf584c693a106f7cbf16e8b4e67e9d6df | |
| NODE_ENV=Development | |
| MONGODB_URI="mongodb://mongo-service/wanderlust" | |
| REDIS_URL="redis://redis-service:6379" | |
| PORT=8080 | |
| FRONTEND_URL="http://13.52.243.88:5173" | |
| ACCESS_COOKIE_MAXAGE=120000 | |
| ACCESS_TOKEN_EXPIRES_IN='120s' | |
| REFRESH_COOKIE_MAXAGE=120000 | |
| REFRESH_TOKEN_EXPIRES_IN='120s' | |
| JWT_SECRET=change-me | |
| NODE_ENV=Development |
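Review bot: `JWT_SECRET=change-me` is still a value the backend can sign tokens with, so a deployment that forgets to override it runs with a publicly known key. Leave the variable empty in the tracked file, or drop the line, and have the backend refuse to start when `JWT_SECRET` is unset or equals the placeholder.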
🧰 Tools
🪛 dotenv-linter (3.3.0)
[warning] 1-1: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 2-2: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 3-3: [UnorderedKey] The PORT key should go before the REDIS_URL key
(UnorderedKey)
[warning] 4-4: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 4-4: [UnorderedKey] The FRONTEND_URL key should go before the MONGODB_URI key
(UnorderedKey)
[warning] 5-5: [UnorderedKey] The ACCESS_COOKIE_MAXAGE key should go before the FRONTEND_URL key
(UnorderedKey)
[warning] 6-6: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 6-6: [UnorderedKey] The ACCESS_TOKEN_EXPIRES_IN key should go before the FRONTEND_URL key
(UnorderedKey)
[warning] 8-8: [QuoteCharacter] The value has quote characters (', ")
(QuoteCharacter)
[warning] 9-9: [UnorderedKey] The JWT_SECRET key should go before the MONGODB_URI key
(UnorderedKey)
[warning] 10-10: [UnorderedKey] The NODE_ENV key should go before the PORT key
(UnorderedKey)
🪛 Gitleaks (8.28.0)
[high] 9-9: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.
(generic-api-key)
🤖 Prompt for AI Agents
In backend/.env.docker around lines 1 to 10, a real-looking JWT_SECRET is
committed; replace it with a non-sensitive placeholder (e.g.
JWT_SECRET=__REPLACE_WITH_SECRET__) and ensure the real secret is injected at
runtime via your secret manager, CI/CD environment variables, or an untracked
local .env file; also update FRONTEND_URL and any API path to use Docker service
DNS (e.g. http://frontend:5173 and http://backend:8080 or VITE_API_PATH) instead
of an IP, remove unnecessary quotes from values to satisfy dotenv linters, and
normalize NODE_ENV to lowercase (development or production).
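A pre-commit or CI guard for the finding above, as an added example that is not part of the PR or of the review. `check_env_file` is a hypothetical helper, and the key suffixes and the 32-character threshold are assumptions.

```shell
#!/bin/sh
# Added example: guard for tracked env files such as backend/.env.docker.
# check_env_file is a hypothetical helper; the key suffixes and the
# 32-character threshold are assumptions, tune them for your repository.

# Prints one line per offending key; returns 1 if any key looks real.
check_env_file() {
  local file="$1" line key value status=0
  while IFS= read -r line || [ -n "$line" ]; do
    case $line in
      \#*|'') continue ;;          # comment or blank line
      *=*) ;;                      # KEY=value, inspect below
      *) continue ;;
    esac
    key=${line%%=*}
    value=${line#*=}
    # Only keys that name a credential are inspected.
    case $key in
      *_SECRET|*_PASSWORD|*_API_KEY|*_PRIVATE_KEY) ;;
      *) continue ;;
    esac
    # Drop one pair of surrounding quotes, as dotenv loaders do.
    value=${value#\"}; value=${value%\"}
    value=${value#\'}; value=${value%\'}
    # A long run of hex/base64 characters is treated as generated key
    # material; short placeholders such as change-me pass.
    if printf '%s' "$value" | grep -Eq '^[A-Za-z0-9+/=_-]{32,}$'; then
      echo "$key: value looks like real key material (${#value} chars)"
      status=1
    fi
  done < "$file"
  return "$status"
}

# Constructed sample, not taken from the PR.
sample=$(mktemp)
cat > "$sample" <<'EOF'
PORT=8080
ACCESS_TOKEN_EXPIRES_IN='120s'
JWT_SECRET=0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EOF
check_env_file "$sample" || echo "blocked: move the value to a secret store"
rm -f "$sample"
```

Run it from a pre-commit hook or a CI step over every tracked `.env*` file and fail the job on a non-zero return.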
| - <i> Installing Docker </i> | ||
| ```bash | ||
| sudo apt install docker.io -y | ||
| ``` | ||
| ```bash | ||
| sudo chmod 777 /var/run/docker.sock | ||
| ``` | ||
|
|
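Review bot: `sudo chmod 777 /var/run/docker.sock` lets every local account, including any compromised service account, drive the Docker daemon, which amounts to root on the host. Remove the step from the guide; if Docker has to stay, keep the socket at its default ownership and limit access to named administrators, bearing in mind that membership of the `docker` group is root-equivalent as well.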
Avoid installing Docker alongside CRI-O and never chmod 777 docker.sock
- Using CRI-O as the runtime makes installing Docker unnecessary; it can confuse operators and break expectations.
- chmod 777 /var/run/docker.sock is a serious security risk.
Recommendations:
- Drop Docker steps entirely when using CRI-O (or choose containerd and document only one runtime).
- If Docker is needed for other tasks, add the user to the docker group instead:
- sudo usermod -aG docker $USER && newgrp docker
- Optional: fix minor markdown lint (remove extra spaces after heading hashes).
Also applies to: 47-74
🤖 Prompt for AI Agents
In kubernetes/kubeadm.md around lines 14 to 21 (and similarly lines 47 to 74),
remove the Docker installation and the sudo chmod 777 /var/run/docker.sock step
because CRI-O is the chosen container runtime and installing Docker or making
the socket world-writable is unnecessary and insecure; instead either document
only CRI-O (or choose a single runtime like containerd) or, if Docker must
remain for other tasks, replace the chmod step with guidance to add the user to
the docker group (sudo usermod -aG docker $USER && newgrp docker). Also clean up
markdown lint issues by removing extra spaces after heading hashes.
| apiVersion: v1 | ||
| kind: PersistentVolume | ||
| metadata: | ||
| name: mongo-pv | ||
| namespace: wanderlust | ||
| spec: | ||
| capacity: | ||
| storage: 5Gi | ||
| volumeMode: Filesystem | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| hostPath: | ||
| path: /data/db |
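Review bot: `hostPath: path: /data/db` ties the Mongo data to a directory on whichever node runs the pod, and the spec has no `nodeAffinity`, so a reschedule to another node starts with an empty database while the old files stay readable on the first host. For anything beyond a single-node test cluster use a `local` volume with `nodeAffinity` or a provisioned storage class, and restrict the host directory's ownership and mode.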
PersistentVolume must not set metadata.namespace
PV is cluster-scoped; namespace is invalid and may be rejected. Also consider explicit reclaim policy.
apiVersion: v1
kind: PersistentVolume
metadata:
name: mongo-pv
- namespace: wanderlust
spec:
capacity:
storage: 5Gi
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
+ persistentVolumeReclaimPolicy: Retain
hostPath:
path: /data/db
📝 Committable suggestion
| apiVersion: v1 | |
| kind: PersistentVolume | |
| metadata: | |
| name: mongo-pv | |
| namespace: wanderlust | |
| spec: | |
| capacity: | |
| storage: 5Gi | |
| volumeMode: Filesystem | |
| accessModes: | |
| - ReadWriteOnce | |
| hostPath: | |
| path: /data/db | |
| apiVersion: v1 | |
| kind: PersistentVolume | |
| metadata: | |
| name: mongo-pv | |
| spec: | |
| capacity: | |
| storage: 5Gi | |
| volumeMode: Filesystem | |
| accessModes: | |
| - ReadWriteOnce | |
| persistentVolumeReclaimPolicy: Retain | |
| hostPath: | |
| path: /data/db |
🤖 Prompt for AI Agents
In kubernetes/persistentVolume.yaml around lines 1 to 13, the PersistentVolume
manifest incorrectly sets metadata.namespace and lacks an explicit reclaim
policy; remove the metadata.namespace field (PVs are cluster-scoped) and add a
spec.persistentVolumeReclaimPolicy (e.g., Retain or Delete) to make the reclaim
behavior explicit.
| spec: | ||
| accessModes: | ||
| - ReadWriteOnce | ||
| storageClassName: "" | ||
| resources: | ||
| requests: | ||
| storage: 5Gi |
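Review bot: `storageClassName: ""` is what makes this claim bind to a pre-created PersistentVolume that has no class instead of asking for dynamic provisioning, so setting a class here without setting the same class on the PV means the claim no longer binds to that volume. If static binding to `mongo-pv` is the intent, keep the empty string and add `volumeName: mongo-pv` so the claim cannot bind to some other classless 5Gi volume.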
Don’t share this RWO PVC across Mongo and Redis
RWO prevents simultaneous mounts; redis.yaml also claims mongo-pvc. Use separate PVCs (e.g., redis-pvc) and avoid cross-database sharing. Consider setting a real storageClassName (or rely on default) instead of empty string to enable dynamic provisioning.
🤖 Prompt for AI Agents
In kubernetes/persistentVolumeClaim.yaml around lines 6-12 the PVC is defined as
ReadWriteOnce with storageClassName set to an empty string and is currently
shared between Mongo and Redis; replace this single shared RWO PVC by creating
distinct PVCs (e.g., mongo-pvc and redis-pvc) so each StatefulSet/Deployment
claims its own PVC, update the consumers to reference the appropriate PVC name,
and either set storageClassName to a valid storage class (or remove the empty
string to use the cluster default) to allow dynamic provisioning; ensure
accessModes and storage request values are appropriate for each database.
| containers: | ||
| - name: redis | ||
| image: redis | ||
| ports: | ||
| - containerPort: 6379 | ||
| volumeMounts: | ||
| - name: mongo-storage | ||
| mountPath: /var/lib/redis/dump.rdb | ||
| volumes: | ||
| - name: mongo-storage | ||
| persistentVolumeClaim: | ||
| claimName: mongo-pvc | ||
| --- |
Fix volume usage: wrong mountPath and PVC; harden pod
- mountPath must be a directory; use /data (Redis default).
- Don’t reuse mongo-pvc; create and reference a redis-dedicated PVC.
- Pin image tag; add securityContext and probes.
Apply:
- - name: redis
- image: redis
+ - name: redis
+ image: redis:7.0.5-alpine
ports:
- containerPort: 6379
volumeMounts:
- - name: mongo-storage
- mountPath: /var/lib/redis/dump.rdb
+ - name: redis-storage
+ mountPath: /data
+ securityContext:
+ runAsNonRoot: true
+ allowPrivilegeEscalation: false
+ readOnlyRootFilesystem: true
+ readinessProbe:
+ tcpSocket: { port: 6379 }
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ livenessProbe:
+ tcpSocket: { port: 6379 }
+ initialDelaySeconds: 15
+ periodSeconds: 20
volumes:
- - name: mongo-storage
+ - name: redis-storage
persistentVolumeClaim:
- claimName: mongo-pvc
+ claimName: redis-pvc
Create a separate redis PVC (e.g., kubernetes/redis-pvc.yaml) with appropriate size/access.
📝 Committable suggestion
| containers: | |
| - name: redis | |
| image: redis | |
| ports: | |
| - containerPort: 6379 | |
| volumeMounts: | |
| - name: mongo-storage | |
| mountPath: /var/lib/redis/dump.rdb | |
| volumes: | |
| - name: mongo-storage | |
| persistentVolumeClaim: | |
| claimName: mongo-pvc | |
| --- | |
| containers: | |
| - name: redis | |
| image: redis:7.0.5-alpine | |
| ports: | |
| - containerPort: 6379 | |
| volumeMounts: | |
| - name: redis-storage | |
| mountPath: /data | |
| securityContext: | |
| runAsNonRoot: true | |
| allowPrivilegeEscalation: false | |
| readOnlyRootFilesystem: true | |
| readinessProbe: | |
| tcpSocket: { port: 6379 } | |
| initialDelaySeconds: 5 | |
| periodSeconds: 10 | |
| livenessProbe: | |
| tcpSocket: { port: 6379 } | |
| initialDelaySeconds: 15 | |
| periodSeconds: 20 | |
| volumes: | |
| - name: redis-storage | |
| persistentVolumeClaim: | |
| claimName: redis-pvc | |
| --- |
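Review bot: `runAsNonRoot: true` in the suggested securityContext has no `runAsUser` next to it; under that setting the kubelet refuses to start a container whose image defaults to root or to a non-numeric user. Set `runAsUser` and `runAsGroup` to the image's redis account, add a pod-level `fsGroup` so `/data` stays writable with `readOnlyRootFilesystem: true`, and reconcile the tag and the `readOnlyRootFilesystem` value with the agent prompt below, which says `redis:7.0` and `false`.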
🧰 Tools
🪛 Checkov (3.2.334)
[medium] 1-31: Containers should not run with allowPrivilegeEscalation
(CKV_K8S_20)
[medium] 1-31: Minimize the admission of root containers
(CKV_K8S_23)
🤖 Prompt for AI Agents
In kubernetes/redis.yaml around lines 19 to 31, the pod spec mounts the PVC to a
file path and reuses a mongo PVC; fix by changing volumeMounts.mountPath to
Redis's data directory (/data), update volumes.persistentVolumeClaim.claimName
to a redis-specific PVC name (e.g., redis-pvc), and pin the image to a specific
tag (e.g., redis:7.0) instead of the floating "redis" tag; additionally harden
the pod by adding a securityContext (runAsNonRoot: true, runAsUser: 1000,
readOnlyRootFilesystem: false as appropriate) and add liveness and readiness
probes for Redis (TCP or command-based) to the container; finally create a
separate kubernetes/redis-pvc.yaml defining the redis PVC with suitable storage
size and accessModes and reference that PVC from this manifest.
| ### Setting up with Docker | ||
|
|
||
| 1. **Ensure Docker and Docker Compose are Installed** | ||
|
|
||
| 2. **Clone the Repository** | ||
|
|
||
| ``` bash | ||
|
|
||
| git clone https://github.com/{your-username}/wanderlust.git | ||
| ``` | ||
| 3. **Navigate to the Project Directory** | ||
|
|
||
| ```bash | ||
|
|
||
| cd wanderlust | ||
|
|
||
| ``` | ||
| 4. **Update Environment Variables** - If you anticipate the IP address of the instance might change, update the `.env.sample` file with the new IP address. | ||
|
|
||
| 5. **Run Docker Compose** | ||
|
|
||
| ```bash | ||
|
|
||
| docker-compose up | ||
| ``` | ||
| This command will build the Docker images and start the containers for the backend and frontend, enabling you to access the Wanderlust application. | ||
|
|
🛠️ Refactor suggestion | 🟠 Major
Fix Docker setup instructions: update .env.docker files, not .env.sample
docker-compose uses backend/.env.docker and frontend/.env.docker. Editing .env.sample won’t apply to containers.
Suggested wording:
- Update environment variables:
- Edit backend/.env.docker (e.g., FRONTEND_URL) and frontend/.env.docker (e.g., VITE_API_PATH).
- Or run Automations/updatebackendnew.sh and Automations/updatefrontendnew.sh to auto-set host IPs.
- Start: docker compose up -d
🤖 Prompt for AI Agents
In README.md around lines 98 to 124, the Docker instructions incorrectly tell
users to edit .env.sample when docker-compose actually reads backend/.env.docker
and frontend/.env.docker; update the text to instruct users to edit
backend/.env.docker (e.g., FRONTEND_URL) and frontend/.env.docker (e.g.,
VITE_API_PATH) or run Automations/updatebackendnew.sh and
Automations/updatefrontendnew.sh to auto-set host IPs, and change the startup
command suggestion to use "docker compose up -d" for detached startup.
Summary
Briefly describe the purpose of this PR.
Description
Explain in detail what this PR is all about. This should include the problem you're solving, the approach taken, and any technical details that reviewers need to know.
Images
Include any relevant images or diagrams that can help reviewers visualize the changes, if applicable
Issue(s) Addressed
Enter the issue number of the bug(s) that this PR fixes
Prerequisites
Summary by CodeRabbit
New Features
Documentation
Chores