Skip to content

Use dev-container image #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Matts966 wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Use dev-container image #45

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
6c6be8f
Use dev-container image
Matts966 Apr 10, 2026
8d9f6fe
Remove keepalive_time_ms to avoid GOAWAY too_many_pings
Matts966 Apr 14, 2026
5800432
Change keepalive_time_ms from 10s to 300s to avoid GOAWAY too_many_pings
Matts966 Apr 14, 2026
73e5bb6
Set keepalive_time_ms to 20min to avoid GOAWAY too_many_pings
Matts966 Apr 14, 2026
fe93834
Try pr-3448 image
Matts966 Apr 15, 2026
d193ee9
Revert "Try pr-3448 image"
Matts966 Apr 16, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/e2e.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
e2e:
runs-on: ubuntu-latest
container:
image: ghcr.io/vdaas/vald/vald-ci-container:nightly
image: ghcr.io/vdaas/vald/vald-dev-container:nightly
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/e2e.yaml | head -40

Repository: vdaas/vald-client-python

Length of output: 1370

🏁 Script executed:

# Check for files that might generate this workflow
find . -type f -name "*.py" -o -name "*.sh" -o -name "*.ts" | xargs grep -l "e2e.yaml" 2>/dev/null | head -10

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check for any Makefile or script that mentions this workflow
find . -type f \( -name "Makefile" -o -name "*.sh" \) | xargs grep -l "e2e" 2>/dev/null

Repository: vdaas/vald-client-python

Length of output: 52

🏁 Script executed:

# Check git history to see if this file is modified manually
git log --oneline .github/workflows/e2e.yaml 2>/dev/null | head -20

Repository: vdaas/vald-client-python

Length of output: 93

🏁 Script executed:

# Search for documentation about image management
find . -type f \( -name "README*" -o -name "*.md" \) | xargs grep -l "nightly\|container.*image\|digest" 2>/dev/null | head -5

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check the full git history with more details
git log -p .github/workflows/e2e.yaml 2>/dev/null | head -100

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Look for template files or generation logic
find . -type f -name "*template*" -o -name "*generate*" 2>/dev/null | grep -i workflow

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check if there's a .github directory structure
ls -la .github/workflows/

Repository: vdaas/vald-client-python

Length of output: 559

🏁 Script executed:

# Search for references to vald-dev-container in the repo
rg "vald-dev-container" --type yaml

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check all commits touching the workflows directory
git log --oneline .github/workflows/ 2>/dev/null | head -20

Repository: vdaas/vald-client-python

Length of output: 93

🏁 Script executed:

# Look at the actual content of the e2e.yaml more carefully
cat .github/workflows/e2e.yaml

Repository: vdaas/vald-client-python

Length of output: 1125

🏁 Script executed:

# Check if there are any scripts in the repo root or scripts directory
find . -maxdepth 2 -name "*.py" -o -name "*.sh" | head -20

Repository: vdaas/vald-client-python

Length of output: 92

🏁 Script executed:

# Search for any mentions of digest or sha256 in workflows
rg "sha256|@sha256|digest" .github/

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check the other workflow files for image usage patterns
for f in .github/workflows/*.yaml .github/workflows/*.yml; do
  echo "=== $(basename $f) ==="
  grep -E "image:|uses:" "$f" | head -10
done

Repository: vdaas/vald-client-python

Length of output: 705

🏁 Script executed:

# Check if there's documentation about why "DO NOT EDIT" is there
find . -type f -name "*.md" | xargs grep -l "DO NOT EDIT\|auto.*generat\|workflow.*generat" 2>/dev/null

Repository: vdaas/vald-client-python

Length of output: 52

🏁 Script executed:

# Look at the external action that handles e2e tests
rg "vdaas/vald-client-ci" --type yaml -A 3 -B 3

Repository: vdaas/vald-client-python

Length of output: 50

🏁 Script executed:

# Check if there's a reference to vdaas/vald-client-ci in docs or comments
find . -type f \( -name "*.md" -o -name "*.txt" \) | xargs grep -l "vdaas/vald-client-ci" 2>/dev/null

Repository: vdaas/vald-client-python

Length of output: 52

🏁 Script executed:

# Look at the git log more detail to understand workflow changes
git log --all --oneline --decorate 2>/dev/null | head -30

Repository: vdaas/vald-client-python

Length of output: 2114

🏁 Script executed:

# Check if there's any reference to code generation or templating
find . -type f -name "*.py" -o -name "Makefile" | xargs grep -l "workflow\|template" 2>/dev/null

Repository: vdaas/vald-client-python

Length of output: 52

🏁 Script executed:

# Check the README for information about workflow management
head -100 README.md 2>/dev/null || head -100 README.rst 2>/dev/null || echo "No README found"

Repository: vdaas/vald-client-python

Length of output: 2191

🏁 Script executed:

# Check if there's a parent repository reference or sync configuration
find . -type f \( -name ".gitmodules" -o -name "*.json" \) | xargs grep -l "client-ci\|sync" 2>/dev/null

Repository: vdaas/vald-client-python

Length of output: 52

🏁 Script executed:

# Look for any CI configuration that might explain the "DO NOT EDIT" comment
cat .github/workflows/sync.yaml 2>/dev/null || echo "No sync.yaml or cannot read"

Repository: vdaas/vald-client-python

Length of output: 1034

🏁 Script executed:

# Check if actions/checkout is pinned properly (good practice indicator)
rg "actions/checkout" .github/workflows/

Repository: vdaas/vald-client-python

Length of output: 128

🏁 Script executed:

# Search web for information about vald-dev-container nightly tag
web_search
ghcr.io vdaas vald-dev-container nightly digest pinning

Repository: vdaas/vald-client-python

Length of output: 164

🌐 Web query:

vdaas vald-dev-container nightly image digest pinning GitHub Actions

💡 Result:

The vdaas/vald-dev-container is a nightly-built Docker image used for development containers (devcontainers) in the Vald project (github.com/vdaas/vald). It is built via GitHub Actions workflow .github/workflows/dockers-dev-container-image.yaml on pushes to main (nightly tag) and PRs (pr-XXXX tags). Images are published to Docker Hub (hub.docker.com/r/vdaas/vald-dev-container) and GHCR. No evidence of digest pinning (e.g., image:tag@sha256:digest) in workflows or devcontainer.json for this image or its base images. Workflows use tag references like :nightly or :pr-XXXX. Docker Hub lists digests (e.g., sha256:8d544902cc0a for pr-3493), but they are not pinned in configs. General pinning best practices apply (e.g., result 2 recommends digest pinning for security), but Vald workflows do not implement it for vald-dev-container. Devcontainer.json likely references "vdaas/vald-dev-container:nightly" by tag.

Citations:

Coordinate with vdaas/vald-client-ci to pin container image by digest.

Line 28 uses :nightly, a mutable tag that rebuilds daily and can cause non-deterministic E2E results. However, this file is marked "DO NOT EDIT" and auto-synced from vdaas/vald-client-ci. The fix should be coordinated at the source (vdaas/vald-client-ci level) or the nightly build process should support stable digest references. Pinning locally may be overwritten on next sync.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/e2e.yaml at line 28, The workflow currently references a
mutable image tag "ghcr.io/vdaas/vald/vald-dev-container:nightly" in
.github/workflows/e2e.yaml which is auto-synced and should not be edited
locally; coordinate with the vdaas/vald-client-ci maintainers to publish and
expose an immutable digest (or a stable digest-tag pair) for vald-dev-container
and update the source pipeline to emit that digest so the synced file can
reference "ghcr.io/vdaas/vald/vald-dev-container@sha256:..." instead of
:nightly; alternatively adjust the nightly build process in vdaas/vald-client-ci
to also publish a pinned digest reference that the sync can consume.

options: "--add-host host.docker.internal:host-gateway"
steps:
- uses: actions/checkout@v3
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Apr 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Verify no deprecated checkout major versions remain in workflows.
rg -nP 'uses:\s*actions/checkout@v[123]\b' .github/workflows

Repository: vdaas/vald-client-python

Length of output: 131

🌐 Web query:

GitHub Actions checkout v3 deprecated support 2025

💡 Result:

actions/checkout@v3 is not formally deprecated or scheduled for support end in 2025. It uses Node 16 runtime, which reached end-of-life in GitHub Actions runners on November 12, 2024. Using v3 now produces deprecation warnings due to Node 16, and workflows may fail if runners no longer support it post-EOL. Official docs and changelog recommend upgrading to v4 (Node 20), v5 (Node 24), or latest v6 for continued support and security updates. No specific 2025 cutoff for v3 is announced; older major versions receive security fixes indefinitely per GitHub policy. Upgrade to actions/checkout@v6 (latest as of 2026-01-09) to avoid issues.

Citations:

🏁 Script executed:

#!/bin/bash
# Examine the full e2e.yaml workflow to verify claims in scratchpad
head -50 .github/workflows/e2e.yaml | cat -n

Repository: vdaas/vald-client-python

Length of output: 1370

🏁 Script executed:

#!/bin/bash
# Check all GitHub workflow files for action versions and permissions
echo "=== Checking for permissions block in e2e.yaml ==="
grep -n "permissions:" .github/workflows/e2e.yaml || echo "No permissions block found"

echo -e "\n=== Full workflow structure (first 40 lines) ==="
cat -n .github/workflows/e2e.yaml | head -40

Repository: vdaas/vald-client-python

Length of output: 1498

Upgrade actions/checkout to a supported version.

Line 31 uses actions/checkout@v3, which relies on Node 16. GitHub Actions sunset Node 16 support on November 12, 2024, and official guidance recommends upgrading to v4 or later. Using v3 may produce deprecation warnings and eventually fail on current runners. Upgrade to v4 or the latest v6 for ongoing compatibility and security patches.

Proposed fix 
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
🧰 Tools
🪛 actionlint (1.7.12)

[error] 31-31: the runner of "actions/checkout@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/e2e.yaml at line 31, Update the checkout action version
used in the workflow: replace the reference to actions/checkout@v3 with a
supported release (e.g., actions/checkout@v4 or the latest v6) to avoid Node 16
deprecation issues; edit the workflow step that currently lists "uses:
actions/checkout@v3", update the tag to v4 or v6, run the workflow locally or in
a branch to confirm no breaking changes, and pin to the chosen major version
(not a full SHA) for continued compatibility.

Expand Down
5 changes: 3 additions & 2 deletions src/tests/test_e2e.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,9 @@ def __init__(self, *args, **kwargs):
self.data = json.load(open("wordvecs1000.json", "r"))

def setUp(self):
options = [("grpc.keepalive_time_ms", 10000),
("grpc.keepalive_timeout_ms", 5000),
options = [("grpc.keepalive_time_ms", 1200000),
("grpc.keepalive_timeout_ms", 20000),
("grpc.keepalive_permit_without_calls", 0),
("grpc.client_channel_backup_poll_interval_ms", 100)]
self.channel = grpc.insecure_channel(
target="localhost:8081", options=options)
Expand Down
Loading