Conversation
This will allow creating github releases for SDKs
📝 WalkthroughWalkthroughThis PR transitions authentication and tooling setup for SDK releases from build-time to runtime configuration. The Dockerfile is updated to conditionally install openssh-client and github-cli in debug mode. A new docker-compose.override.yml file is created with environment variable placeholders (GH_TOKEN, GIT_EMAIL) and commented SSH volume mounting for the appwrite service. Documentation is updated to reflect the new runtime approach instead of build-time Dockerfile modifications. The SDKs.php file adds Git email configuration steps during the release workflow. Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Security Scan Results for PRDocker Image Scan Results
Source Code Scan Results🎉 No vulnerabilities found! |
✨ Benchmark results
⚡ Benchmark Comparison
|
eac9154 to
2aa2b8d
Compare
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
docs/tutorials/release-sdks.md (1)
160-160: Update outdated reference to Dockerfile git configuration.Line 160 mentions "Git email in the Dockerfile," but this PR removes git configuration from the Dockerfile in favor of runtime configuration. This reference should be updated to reflect the new approach.
-- **Git configuration** - Check that the Git email in the Dockerfile matches your GitHub account +- **Git configuration** - Check that the GIT_EMAIL environment variable in docker-compose.override.yml matches your GitHub account
🧹 Nitpick comments (2)
docker-compose.override.yml (2)
1-7: Consider .gitignore and provide usage guidance for docker-compose.override.yml.Checking docker-compose.override.yml into version control is unconventional, as this file typically contains local environment-specific overrides and is usually gitignored. While using it as a template is reasonable, consider:
- Clarify the intent: Add a comment at the top of the file explaining that this is a template and users should update the values.
- Security note: Document that mounting
~/.ssh:/root/.sshgives the container access to all SSH keys on the host.- Alternative approach: Consider creating a
docker-compose.override.yml.examplefile instead, which users copy and customize locally while keepingdocker-compose.override.ymlgitignored.Example template comment to add:
+# This is a template for SDK release configuration. +# Uncomment the volumes section and set your GitHub token and Git email. +# SECURITY: Mounting ~/.ssh gives the container access to your SSH keys. services: appwrite:
6-7: Empty environment variables may cause silent failures.The GH_TOKEN and GIT_EMAIL environment variables are set to empty values. If users forget to populate these, the SDK release commands will fail or behave unexpectedly. Consider using placeholder values that make it obvious they need to be replaced.
- - GH_TOKEN= - - GIT_EMAIL= + - GH_TOKEN=your_github_token_here + - [email protected]
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (4)
Dockerfile(1 hunks)docker-compose.override.yml(1 hunks)docs/tutorials/release-sdks.md(1 hunks)src/Appwrite/Platform/Tasks/SDKs.php(1 hunks)
🧰 Additional context used
🧠 Learnings (1)
📚 Learning: 2025-07-08T01:20:14.364Z
Learnt from: stnguyen90
Repo: appwrite/appwrite PR: 10119
File: app/controllers/api/account.php:1226-1232
Timestamp: 2025-07-08T01:20:14.364Z
Learning: In Appwrite, `_APP_DOMAIN` is a required environment variable that must always be set for the system to function properly.
Applied to files:
docker-compose.override.yml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (19)
- GitHub Check: E2E Service Test (Migrations)
- GitHub Check: E2E Service Test (Teams)
- GitHub Check: E2E Service Test (Users)
- GitHub Check: E2E Service Test (Messaging)
- GitHub Check: E2E Service Test (Tokens)
- GitHub Check: E2E Service Test (Storage)
- GitHub Check: E2E Service Test (Webhooks)
- GitHub Check: E2E Service Test (Databases/TablesDB)
- GitHub Check: E2E Service Test (GraphQL)
- GitHub Check: E2E Service Test (Realtime)
- GitHub Check: E2E Service Test (FunctionsSchedule)
- GitHub Check: E2E Service Test (Sites)
- GitHub Check: E2E Service Test (Functions)
- GitHub Check: E2E Service Test (Proxy)
- GitHub Check: E2E Service Test (Databases/Legacy)
- GitHub Check: E2E Service Test (Avatars)
- GitHub Check: E2E Service Test (Account)
- GitHub Check: E2E General Test
- GitHub Check: Benchmark
🔇 Additional comments (1)
docs/tutorials/release-sdks.md (1)
29-49: Clear documentation of runtime configuration approach.The updated instructions effectively guide users through the new runtime configuration approach. The step-by-step process and example YAML snippet make it easy to follow.
However, consider adding a note about the DEBUG flag requirement, since the openssh-client and github-cli tools are only installed in DEBUG builds (see Dockerfile line 101).
| # Enable Extensions | ||
| RUN if [ "$DEBUG" = "true" ]; then cp /usr/src/code/dev/xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini; fi | ||
| RUN if [ "$DEBUG" = "true" ]; then mkdir -p /tmp/xdebug; fi | ||
| RUN if [ "$DEBUG" = "true" ]; then apk add --update --no-cache openssh-client github-cli; fi |
There was a problem hiding this comment.
🧩 Analysis chain
Document the DEBUG flag requirement for SDK releases.
The openssh-client and github-cli tools are only installed when DEBUG=true, meaning SDK releases can only be performed with DEBUG builds. This requirement should be documented in the release-sdks.md tutorial.
🏁 Script executed:
#!/bin/bash
# Check if DEBUG requirement is documented in the SDK release tutorial
rg -n "DEBUG" docs/tutorials/release-sdks.mdLength of output: 0
🏁 Script executed:
#!/bin/bash
# Check if the release tutorial file exists and what's in it
echo "=== Checking for release-sdks.md file ==="
fd -n "release-sdks.md" || echo "File not found"
echo ""
echo "=== Looking for release/sdk docs broadly ==="
fd -n -e md | grep -i "release\|sdk" | head -20
echo ""
echo "=== Checking Dockerfile around line 101 ==="
if [ -f "Dockerfile" ]; then
sed -n '95,110p' Dockerfile
else
echo "Dockerfile not found"
fi
echo ""
echo "=== Searching for DEBUG documentation across codebase ==="
rg -n "DEBUG.*release\|release.*DEBUG" --type md | head -10Length of output: 1271
🏁 Script executed:
#!/bin/bash
# Fix the fd syntax and search for documentation files
echo "=== Looking for documentation files ==="
find . -name "*.md" -path "*/docs/*" -o -name "*.md" -path "*/doc/*" | grep -i "release\|sdk" | head -20
echo ""
echo "=== List all markdown files in docs directories ==="
find . -type d -name "docs" -o -type d -name "doc" | head -5
echo ""
echo "=== Check actual Dockerfile content for line 101 ==="
sed -n '101p' Dockerfile
echo ""
echo "=== Search for any DEBUG references in docs ==="
find . -path "*/docs/*" -o -path "*/doc/*" | xargs grep -l "DEBUG" 2>/dev/null || echo "No DEBUG found in docs"
echo ""
echo "=== Check if release-sdks file exists anywhere ==="
find . -name "*release*sdk*" -o -name "*sdk*release*" 2>/dev/nullLength of output: 1454
🏁 Script executed:
#!/bin/bash
# Check the content of release-sdks.md
echo "=== Content of release-sdks.md ==="
cat ./docs/tutorials/release-sdks.mdLength of output: 6305
Document that DEBUG=true is required when building the Docker image for SDK releases.
The release-sdks.md tutorial explains how to configure SSH keys and GitHub tokens, but it does not mention that openssh-client and github-cli are only installed when the Docker image is built with DEBUG=true (Dockerfile line 101). Developers following this tutorial would need this information to successfully perform SDK releases. Add a prerequisite step stating that the Docker image must be built with the DEBUG flag enabled.
🤖 Prompt for AI Agents
In Dockerfile around line 101, the conditional install of openssh-client and
github-cli runs only when the build ARG/ENV DEBUG is "true"; update
release-sdks.md to add a prerequisite that the Docker image must be built with
DEBUG enabled and show the exact build command to do so (e.g., pass DEBUG=true
via --build-arg or set the build ARG/ENV appropriately), including a short note
referencing Dockerfile line 101 so readers know those tools are installed only
when DEBUG=true.
What does this PR do?
Previously, you needed to update the Dockerfile and docker-compose.yml before you could release the SDKs.
This PR simplifies the config so you only need to modify the docker-compose.override.yml file and makes it so the configs (
GITHUB_TOKENandGIT_EMAIL) are runtime values rather than baked into the docker image.Test Plan
TBD
Related PRs and Issues
None
Checklist