Merged
Conversation
📝 WalkthroughWalkthroughRefactors GitHub Actions workflows to delegate Docker builds to a reusable workflow, changes workflow triggers/concurrency and Node setup inputs, and adds Nix flake and shell definitions for development and docker build tooling. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
actor GitHub
participant Workflow as "Repo Workflow"
participant Reusable as "hopr-workflows/build-docker"
participant GCR as "GCP / Container Registry"
participant Cachix as "Cachix"
participant Zulip as "Zulip (notify)"
GitHub->>Workflow: trigger (push/PR/merge/release)
Workflow->>Reusable: call build-docker (inputs: matrix, version_type, image params, secrets)
Reusable->>Cachix: use Cachix for Nix caches (auth via secrets)
Reusable->>GCR: build & push image (using GCP creds)
Reusable-->>Workflow: return status & outputs (image tags, version)
alt failure on merge/release
Workflow->>Zulip: send failure message (Zulip creds)
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes 🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
🧹 Nitpick comments (4)
.github/workflows/merge.yaml (1)
8-8: Remove commented-out code.The commented
# - synchronizeline appears to be leftover from development/debugging. Consider removing it to keep the workflow file clean.🧹 Proposed fix
branches: - main - # - synchronize concurrency:🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/merge.yaml at line 8, Remove the leftover commented-out line "# - synchronize" from the workflow file to clean up the YAML; locate the commented entry (the exact string "# - synchronize") and delete that line so the workflow contains only active steps and no commented debug artifacts.flake.nix (2)
13-13: Remove unused variablepkgsLinux.
pkgsLinuxis defined but never used in the flake. This appears to be leftover code.🧹 Proposed fix
let pkgs = nixpkgs.legacyPackages.${system}; - pkgsLinux = nixpkgs.legacyPackages."x86_64-linux"; dockerBuild = pkgs.writeShellApplication {🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@flake.nix` at line 13, The flake defines an unused variable pkgsLinux which should be removed to avoid dead code; locate the declaration of pkgsLinux (pkgsLinux = nixpkgs.legacyPackages."x86_64-linux") and delete that binding (or replace it with a used value if you intended to use it), ensuring no other references remain in the flake.
21-28: Redundant shebang andsetoptions inwriteShellApplication.
writeShellApplicationautomatically prepends a bash shebang andset -euo pipefailto the script. The explicit lines on 22-23 are redundant.🧹 Proposed fix
text = '' - #!/usr/bin/env bash - set -euo pipefail - echo "[+] Building: hopr-admin:latest" docker build --platform linux/amd64 -t hopr-admin:latest -f ./Dockerfile . echo "[✓] Done: hopr-admin:latest" '';🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@flake.nix` around lines 21 - 28, The embedded script passed to writeShellApplication contains an explicit "#!/usr/bin/env bash" and "set -euo pipefail" which are redundant because writeShellApplication already prepends them; remove those two lines from the text block (the multiline string that builds the hopr-admin Docker image) so only the actual commands (echo, docker build, echo) remain, leaving writeShellApplication to supply the shebang and set flags..github/workflows/build.yaml (1)
10-11: Consider restricting thelabeledtrigger to specific labels.Adding the
labeledevent type will trigger the workflow whenever any label is added to the PR. If this is intentional for a specific label-based workflow (e.g., to re-run builds), consider adding a condition to filter by label name to avoid unnecessary runs.Example condition that could be added to jobs:
if: github.event.action != 'labeled' || github.event.label.name == 'rebuild'🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/build.yaml around lines 10 - 11, The workflow currently listens to the "labeled" event and will run for any label; restrict it by adding a guard so jobs only proceed for the intended label (e.g., add an if condition on jobs such as if: github.event.action != 'labeled' || github.event.label.name == 'rebuild') so that the "labeled" trigger stays but only triggers actual job runs for the specific label; update the workflow's on: block to keep "labeled" and add the conditional to each job (or a common job template) that should be filtered.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/build.yaml:
- Around line 10-11: The workflow currently listens to the "labeled" event and
will run for any label; restrict it by adding a guard so jobs only proceed for
the intended label (e.g., add an if condition on jobs such as if:
github.event.action != 'labeled' || github.event.label.name == 'rebuild') so
that the "labeled" trigger stays but only triggers actual job runs for the
specific label; update the workflow's on: block to keep "labeled" and add the
conditional to each job (or a common job template) that should be filtered.
In @.github/workflows/merge.yaml:
- Line 8: Remove the leftover commented-out line "# - synchronize" from the
workflow file to clean up the YAML; locate the commented entry (the exact string
"# - synchronize") and delete that line so the workflow contains only active
steps and no commented debug artifacts.
In `@flake.nix`:
- Line 13: The flake defines an unused variable pkgsLinux which should be
removed to avoid dead code; locate the declaration of pkgsLinux (pkgsLinux =
nixpkgs.legacyPackages."x86_64-linux") and delete that binding (or replace it
with a used value if you intended to use it), ensuring no other references
remain in the flake.
- Around line 21-28: The embedded script passed to writeShellApplication
contains an explicit "#!/usr/bin/env bash" and "set -euo pipefail" which are
redundant because writeShellApplication already prepends them; remove those two
lines from the text block (the multiline string that builds the hopr-admin
Docker image) so only the actual commands (echo, docker build, echo) remain,
leaving writeShellApplication to supply the shebang and set flags.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: a9a0e3d1-20d1-4d4e-92d2-891233fd1a55
⛔ Files ignored due to path filters (1)
flake.lockis excluded by!**/*.lock
📒 Files selected for processing (5)
.github/workflows/build.yaml.github/workflows/merge.yaml.github/workflows/release.yamlflake.nixshell.nix
🔎 Trivy Security Report
|
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.github/workflows/release.yaml (1)
50-50: Configure actionlint for custom self-hosted runner labels.The static analysis tool (actionlint) flags
self-hosted-hoprnet-smallas an unknown label. This is a false positive since it's a valid custom label for your self-hosted runners.To suppress this warning, create or update
.github/actionlint.yamlwith your custom runner labels:🔧 Proposed actionlint configuration
# .github/actionlint.yaml self-hosted-runner: labels: - self-hosted-hoprnet-small - self-hosted-hoprnet-bigger🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/release.yaml at line 50, Add your custom self-hosted runner label to actionlint's config so actionlint stops flagging "self-hosted-hoprnet-small": create or update the actionlint config to include a self-hosted-runner labels list containing "self-hosted-hoprnet-small" (and other custom labels like "self-hosted-hoprnet-bigger") so the runner label used in the workflow (self-hosted-hoprnet-small) is recognized by actionlint.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.github/workflows/release.yaml:
- Line 50: Add your custom self-hosted runner label to actionlint's config so
actionlint stops flagging "self-hosted-hoprnet-small": create or update the
actionlint config to include a self-hosted-runner labels list containing
"self-hosted-hoprnet-small" (and other custom labels like
"self-hosted-hoprnet-bigger") so the runner label used in the workflow
(self-hosted-hoprnet-small) is recognized by actionlint.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 42bde00c-6385-497d-bd23-490f0000f5d3
📒 Files selected for processing (2)
.github/workflows/merge.yaml.github/workflows/release.yaml
🚧 Files skipped from review as they are similar to previous changes (1)
- .github/workflows/merge.yaml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Unify workflows to v2:
Summary by CodeRabbit
New Features
Chores