Skip to content

Modernize, minimize, and cleanup containers #129

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jcpunk wants to merge 34 commits into
base: develop
Choose a base branch
from
Open

Modernize, minimize, and cleanup containers #129

jcpunk wants to merge 34 commits into from
+1,810 −1,740

Conversation

@jcpunk
Copy link
Contributor

@jcpunk jcpunk commented Jan 2, 2026
edited
Loading

There is a lot going on here. An AI summary exists further down the comment history.

I recommend reviewing the commits one at a time rather than the full diff as a blob.

In theory each commit is a rational step with clear self contained logic.

Copilot and coderabbit identified bits of code that probably never worked. These are probably bits that could be dropped, but that would require an expert to review.

The changes to the application specific code should probably be reviewed.
With NP04 offline right now I couldn't check against the current runtime for some things.

To be clear, I really only care about the containers as containers in kubernetes...

I've tried to set the docker build step for the microservices container to run after the microservices_dependencies container. Those workflows wont really work until this PR is merged. After that everything should be fine...

@jcpunk jcpunk requested review from jcfreeman2 and mroda88 January 2, 2026 16:58
@jcpunk jcpunk mentioned this pull request Jan 2, 2026
Open
eflumerf
eflumerf approved these changes Jan 2, 2026
View reviewed changes
Copy link
Member

@eflumerf eflumerf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Things look reasonable to me, however I do not have any kind of testing environment so I can't speak too much about functionality.

Copilot AI mentioned this pull request Jan 2, 2026
Merged
@jcpunk jcpunk force-pushed the modernize branch 12 times, most recently from 72b65f9 to c8d8f52 Compare January 2, 2026 22:19
@jcpunk jcpunk marked this pull request as draft January 3, 2026 05:12
@jcpunk jcpunk force-pushed the modernize branch 12 times, most recently from 284efa9 to 1258c6a Compare January 3, 2026 20:08
@jcpunk jcpunk force-pushed the modernize branch 2 times, most recently from 7346602 to e1b5642 Compare January 9, 2026 19:04
jcpunk and others added 16 commits January 9, 2026 13:14
@jcpunk
Move to AL10
9a4ff7f
@jcpunk
Ensure APP_ROOT is defined
01ab436
@jcpunk
Use gunicorn consistently across flask apps
33b7986
@jcpunk
Update dependencies - non major versions
819a872
@jcpunk
Switch to sqlalchemy from raw postgres
1d49a0d
@jcpunk
Ran ruff check --fix
45a27b1
@jcpunk
Fix use of undefined variables and incorrect polling
0e283b9
@jcpunk
Fix duplicate function redefinition
d5fa5f4
@jcpunk
runservices: datetime.utcnow is deprecated in Python 3.12+
004f5c1
@jcpunk
Fix potential missing exit codes
5b6c9cd
@jcpunk
Use sqlalchemy 2.0 compiled statements
af3759e
@jcpunk
Standardize on DATABASE_URI
51abdfe
@jcpunk
Update elisa-logbook/credmgr.py
bcf3eb8 
The get_login method now accepts an optional user parameter, but when user is provided and no matching authentication is found, the method returns None implicitly. This could lead to NoneType errors in calling code. Consider raising an exception when the requested login is not found, similar to how the error is logged but execution continues.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcpunk
Update ers-protobuf-dbwriter/dbwriter.py
cb24191 
The function returns False here, but earlier in the retry loop at lines 140 and 196, successful operations return True. This creates an inconsistency: the function may return True, False, or raise an exception. Consider either always raising an exception on failure (removing the return False) or documenting the mixed return behavior clearly.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcpunk
Update elisa-logbook/credmgr.py
40434ff 
The get_login method has inconsistent error handling. When a service is not found and no user is specified, the method logs an error but doesn't raise an exception (line 198), potentially returning None. This could lead to AttributeError later when the caller tries to access attributes on the returned value. Add a raise statement after line 198 to maintain consistency with the user-specified case.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@jcpunk
Update entrypoint_functions.sh
6f6a503 
The ensure_required_variables helper logs the value of every environment variable whose name does not contain one of the hard‑coded sensitive keywords (USERNAME, PASSWORD, DATABASE_URI), which will expose any other secrets (e.g. API_TOKEN, JWT_SECRET) to container logs. An attacker or unprivileged operator with access to logs could recover these credentials and use them to access downstream services or databases. To avoid leaking secrets, stop printing environment variable values entirely (or maintain a strict allowlist of non‑sensitive variables) and only report whether each variable is defined or missing.

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mroda88 mroda88 mroda88 approved these changes

@jcfreeman2 jcfreeman2 Awaiting requested review from jcfreeman2

+1 more reviewer

@eflumerf eflumerf eflumerf approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jcpunk @mroda88 @eflumerf