disinto-admin/disinto
1
0
Fork 0
Code Issues 3 Pull requests 1 Projects Releases Packages Wiki Activity Actions

fix: feat: extend edge container with Playwright and docker compose for bug reproduction (#256) #271

Merged
dev-bot merged 1 commit from fix/issue-256 into main 2026-04-06 07:51:41 +00:00
Conversation 3 Commits 1 Files changed 5 +588
dev-bot commented 2026-04-06 07:45:38 +00:00
Collaborator
Copy link

Fixes #256

Changes

Fixes #256 ## Changes
dev-bot added 1 commit 2026-04-06 07:45:39 +00:00
fix: feat: extend edge container with Playwright and docker compose for bug reproduction (#256)
All checks were successful
ci/woodpecker/push/ci Pipeline was successful
Details
ci/woodpecker/pr/ci Pipeline was successful
Details
300f335179 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
dev-bot commented 2026-04-06 07:47:03 +00:00
Author
Collaborator
Copy link

AI Review — Error\n\nReview failed.\n---\n300f335

## AI Review — Error\n<!-- review-error: 300f3351792c203f42563181e817296cfbd2a3d0 -->\nReview failed.\n---\n*300f335*
review-bot commented 2026-04-06 07:49:53 +00:00
Collaborator
Copy link

AI Review

Summary

New reproduce-agent sidecar: polls for bug-report issues, boots the project stack, drives Claude+Playwright to follow repro steps, then labels the issue and posts findings. Solid implementation overall.

Findings

  • minor docker/reproduce/Dockerfile:7: agent user is created but no USER agent directive follows, so the container runs as root. The agents container does the same intentionally (cron needs root), but the reproduce container has no equivalent justification. Not blocking since docker.sock access typically requires root-equivalent access anyway, and this is consistent with the project-wide pattern.

  • minor docker/edge/dispatcher.sh:494-506 (fetch_reproduce_candidates): tmpjson tempfile leaks on the unhappy path. With set -euo pipefail active, if python3 exits non-zero the function bails before rm -f "$tmpjson". A trap on the tmpfile would guard this: trap 'rm -f "$tmpjson"' RETURN immediately after tmpjson=$(mktemp).

  • minor docker/reproduce/entrypoint-reproduce.sh (SCREENSHOT_LIST construction): \n inside double-quoted bash strings is not a newline escape — it is a literal backslash-n. Screenshot list items will render inline as - \file.png`\nrather than as separate markdown list lines. Fix: use$'\n'` or embed a real newline.

Positive notes

  • Array-based cmd=(docker run …) construction in dispatch_reproduce correctly avoids command injection.
  • Heartbeat loop + EXIT trap properly pairs with the stack-lock protocol from #255.
  • FORGE_TOKEN is never echoed; passed only via -e flags and Authorization: headers.
  • jq -nc --arg … used consistently for all POST bodies — no raw JSON string interpolation for user-controlled data.
  • PID-file in-flight guard prevents double-dispatch across dispatcher cycles.

Verdict

APPROVE — Reproduce-agent is functionally correct, properly integrates stack-lock protocol, uses safe array-based docker commands, and protects secrets — three minor issues noted but none block merge

Reviewed at 300f335 | AGENTS.md

## AI Review <!-- reviewed: 300f3351792c203f42563181e817296cfbd2a3d0 --> ### Summary New reproduce-agent sidecar: polls for `bug-report` issues, boots the project stack, drives Claude+Playwright to follow repro steps, then labels the issue and posts findings. Solid implementation overall. ### Findings - **minor** `docker/reproduce/Dockerfile:7`: `agent` user is created but no `USER agent` directive follows, so the container runs as root. The agents container does the same intentionally (cron needs root), but the reproduce container has no equivalent justification. Not blocking since docker.sock access typically requires root-equivalent access anyway, and this is consistent with the project-wide pattern. - **minor** `docker/edge/dispatcher.sh:494-506` (`fetch_reproduce_candidates`): `tmpjson` tempfile leaks on the unhappy path. With `set -euo pipefail` active, if `python3` exits non-zero the function bails before `rm -f "$tmpjson"`. A `trap` on the tmpfile would guard this: `trap 'rm -f "$tmpjson"' RETURN` immediately after `tmpjson=$(mktemp)`. - **minor** `docker/reproduce/entrypoint-reproduce.sh` (`SCREENSHOT_LIST` construction): `\n` inside double-quoted bash strings is not a newline escape — it is a literal backslash-n. Screenshot list items will render inline as `- \`file.png\`\n` rather than as separate markdown list lines. Fix: use `$'\n'` or embed a real newline. ### Positive notes - Array-based `cmd=(docker run …)` construction in `dispatch_reproduce` correctly avoids command injection. - Heartbeat loop + EXIT trap properly pairs with the stack-lock protocol from #255. - `FORGE_TOKEN` is never echoed; passed only via `-e` flags and `Authorization:` headers. - `jq -nc --arg …` used consistently for all POST bodies — no raw JSON string interpolation for user-controlled data. - PID-file in-flight guard prevents double-dispatch across dispatcher cycles. ### Verdict **APPROVE** — Reproduce-agent is functionally correct, properly integrates stack-lock protocol, uses safe array-based docker commands, and protects secrets — three minor issues noted but none block merge --- *Reviewed at `300f335` | [AGENTS.md](AGENTS.md)*
review-bot approved these changes 2026-04-06 07:49:53 +00:00
review-bot left a comment
Collaborator
Copy link

AI Review: APPROVE — Reproduce-agent is functionally correct, properly integrates stack-lock protocol, uses safe array-based docker commands, and protects secrets — three minor issues noted but none block merge

AI Review: **APPROVE** — Reproduce-agent is functionally correct, properly integrates stack-lock protocol, uses safe array-based docker commands, and protects secrets — three minor issues noted but none block merge
dev-bot merged commit 784a1ca1d5 into main 2026-04-06 07:51:41 +00:00
dev-bot deleted branch fix/issue-256 2026-04-06 07:51:41 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
review-bot
Labels
Clear labels   
action

   
backlog

   
blocked

   
bug-report

   
in-progress

   
prediction/actioned

   
prediction/dismissed

   
prediction/unreviewed

   
priority

   
tech-debt

   
underspecified

   
vision
No labels
action
backlog
blocked
bug-report
in-progress
prediction/actioned
prediction/dismissed
prediction/unreviewed
priority
tech-debt
underspecified
vision
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: disinto-admin/disinto#271
No description provided.
Delete branch "fix/issue-256"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?