Conversation
|
Thanks for opening this, but we'd appreciate a little more information. Could you update it with more details? |
Contributor
📝 WalkthroughWalkthroughAll six containerized services update their Docker build and runtime infrastructure: base images migrate from mcr.microsoft.com/dotnet to dhi.io/dotnet registries, and container startup is refactored from shell-chained wait-script execution to explicit ENTRYPOINT and CMD patterns. ChangesDocker image and startup pattern migration
Estimated code review effort🎯 2 (Simple) | ⏱️ ~12 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@Web/Resgrid.Web.Eventing/Dockerfile`:
- Around line 5-11: Replace all dhi.io image tags used in FROM statements with
immutable digest pins (use the `@sha256`:<digest> form) so builds are
reproducible; specifically update each occurrence of images like
dhi.io/dotnet:9.0.16-debian13 and dhi.io/dotnet:9.0.314-sdk-debian13 (and any
other dhi.io/* references) to their corresponding sha256 digests in the
Dockerfile FROM lines, ensuring both the runtime and sdk images are pinned
across all six migrated Dockerfiles.
In `@Workers/Resgrid.Workers.Console/Dockerfile`:
- Around line 5-10: The Dockerfile uses Debian 13 base images (e.g., FROM
dhi.io/dotnet:9.0.314-sdk-debian13 AS build) but still installs an Ubuntu
Jammy-specific package (wkhtmltox_0.12.6.1-3.jammy_amd64.deb); replace that
Jammy .deb with a Debian 13-compatible wkhtmltopdf package or installation
method: either download the appropriate Debian 13/trixie .deb from wkhtmltopdf
releases, install wkhtmltopdf from Debian repositories via apt, or build/install
from source/official static binary, and update the Dockerfile to reference the
correct package filename and installation commands so dependencies match the
Debian 13 base image.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: a9637143-e160-4c58-8daf-c2954cbe6fea
📒 Files selected for processing (6)
Web/Resgrid.Web.Eventing/DockerfileWeb/Resgrid.Web.Mcp/DockerfileWeb/Resgrid.Web.Services/DockerfileWeb/Resgrid.Web.Tts/DockerfileWeb/Resgrid.Web/DockerfileWorkers/Resgrid.Workers.Console/Dockerfile
Comment on lines
+5
to
+11
| FROM dhi.io/dotnet:9.0.16-debian13 AS base | ||
| ARG BUILD_VERSION | ||
| WORKDIR /app | ||
| EXPOSE 80 | ||
|
|
||
| FROM mcr.microsoft.com/dotnet/sdk:9.0.202-noble-amd64 AS build | ||
| #FROM mcr.microsoft.com/dotnet/sdk:9.0.202-noble-amd64 AS build | ||
| FROM dhi.io/dotnet:9.0.314-sdk-debian13 AS build |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify all migrated Dockerfiles still use tag-only FROM references.
rg -n '^\s*FROM\s+dhi\.io\/[^\s]+' \
Web/Resgrid.Web.Eventing/Dockerfile \
Web/Resgrid.Web.Mcp/Dockerfile \
Web/Resgrid.Web.Services/Dockerfile \
Web/Resgrid.Web.Tts/Dockerfile \
Web/Resgrid.Web/Dockerfile \
Workers/Resgrid.Workers.Console/Dockerfile
# Expected follow-up: replace each with FROM ...@sha256:<digest>Repository: Resgrid/Core
Length of output: 167
🏁 Script executed:
#!/bin/bash
# Fixed: use proper rg syntax to find all dhi.io FROM references
echo "=== Scanning for dhi.io references in Dockerfiles ==="
rg 'FROM\s+dhi\.io' -g 'Dockerfile*' -n
echo ""
echo "=== Checking each mentioned Dockerfile ==="
for dockerfile in \
Web/Resgrid.Web.Eventing/Dockerfile \
Web/Resgrid.Web.Mcp/Dockerfile \
Web/Resgrid.Web.Services/Dockerfile \
Web/Resgrid.Web.Tts/Dockerfile \
Web/Resgrid.Web/Dockerfile \
Workers/Resgrid.Workers.Console/Dockerfile; do
if [ -f "$dockerfile" ]; then
echo "--- $dockerfile ---"
grep -n 'FROM.*dhi\.io' "$dockerfile" || echo "No dhi.io FROM found"
else
echo "$dockerfile: NOT FOUND"
fi
doneRepository: Resgrid/Core
Length of output: 1986
Pin all dhi.io images by digest across the 6 migrated Dockerfiles.
All dhi.io FROM statements currently use tags only, leaving builds mutable. A retag can silently change runtime bits. Pin each reference with @sha256:<digest> to ensure deterministic, reproducible builds:
- Web/Resgrid.Web.Eventing/Dockerfile (lines 5, 11)
- Web/Resgrid.Web.Mcp/Dockerfile (lines 6, 12)
- Web/Resgrid.Web.Services/Dockerfile (lines 6, 12)
- Web/Resgrid.Web.Tts/Dockerfile (lines 4, 10)
- Web/Resgrid.Web/Dockerfile (lines 5, 12)
- Workers/Resgrid.Workers.Console/Dockerfile (lines 5, 10)
Suggested pattern
-FROM dhi.io/dotnet:9.0.16-debian13 AS base
+FROM dhi.io/dotnet:9.0.16-debian13@sha256:<runtime_digest> AS base
...
-FROM dhi.io/dotnet:9.0.314-sdk-debian13 AS build
+FROM dhi.io/dotnet:9.0.314-sdk-debian13@sha256:<sdk_digest> AS build🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@Web/Resgrid.Web.Eventing/Dockerfile` around lines 5 - 11, Replace all dhi.io
image tags used in FROM statements with immutable digest pins (use the
`@sha256`:<digest> form) so builds are reproducible; specifically update each
occurrence of images like dhi.io/dotnet:9.0.16-debian13 and
dhi.io/dotnet:9.0.314-sdk-debian13 (and any other dhi.io/* references) to their
corresponding sha256 digests in the Dockerfile FROM lines, ensuring both the
runtime and sdk images are pinned across all six migrated Dockerfiles.
Comment on lines
+5
to
+10
| FROM dhi.io/dotnet:9.0.16-debian13 AS base | ||
| ARG BUILD_VERSION | ||
| WORKDIR /app | ||
|
|
||
| FROM mcr.microsoft.com/dotnet/sdk:9.0.202-noble-amd64 AS build | ||
| #FROM mcr.microsoft.com/dotnet/sdk:9.0.202-noble-amd64 AS build | ||
| FROM dhi.io/dotnet:9.0.314-sdk-debian13 AS build |
Contributor
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify the distro/package mismatch in this Dockerfile.
rg -n '^\s*FROM\s+dhi\.io/dotnet:.*debian13' Workers/Resgrid.Workers.Console/Dockerfile
rg -n 'wkhtmltox_.*jammy_amd64\.deb' Workers/Resgrid.Workers.Console/Dockerfile
# Expected: both patterns match -> mismatch confirmed.
# Follow-up: use a Debian-compatible wkhtmltopdf package/build path.Repository: Resgrid/Core
Length of output: 331
Replace the Ubuntu Jammy-specific wkhtmltopdf package with a Debian 13-compatible version.
The migration to Debian 13 base images (lines 5, 10) is incompatible with the Ubuntu Jammy-specific wkhtmltopdf package (lines 48, 57: wkhtmltox_0.12.6.1-3.jammy_amd64.deb). This distro mismatch can cause dependency resolution failures or runtime breakage due to libc and library incompatibilities between Debian 13 and Ubuntu Jammy.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@Workers/Resgrid.Workers.Console/Dockerfile` around lines 5 - 10, The
Dockerfile uses Debian 13 base images (e.g., FROM
dhi.io/dotnet:9.0.314-sdk-debian13 AS build) but still installs an Ubuntu
Jammy-specific package (wkhtmltox_0.12.6.1-3.jammy_amd64.deb); replace that
Jammy .deb with a Debian 13-compatible wkhtmltopdf package or installation
method: either download the appropriate Debian 13/trixie .deb from wkhtmltopdf
releases, install wkhtmltopdf from Debian repositories via apt, or build/install
from source/official static binary, and update the Dockerfile to reference the
correct package filename and installation commands so dependencies match the
Debian 13 base image.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit
mcr.microsoft.com/dotnet) todhi.io/dotnetacross six services