Skip to content

fix: update nginx WebSocket route and add multi-arch Go build support#24

Merged
Mirage20 merged 1 commit into
openchoreo:mainfrom
BlackPool25:fix/issue-4029-doclet-ws-and-multiarch
Jul 2, 2026
Merged

fix: update nginx WebSocket route and add multi-arch Go build support#24
Mirage20 merged 1 commit into
openchoreo:mainfrom
BlackPool25:fix/issue-4029-doclet-ws-and-multiarch

Conversation

@BlackPool25

@BlackPool25 BlackPool25 commented Jun 30, 2026

Copy link
Copy Markdown
Contributor

Description

Two doclet fixes that were baked into ghcr images but never committed to source.

Changes

  • project-doclet-app/webapp-react-frontend/nginx.conf.template: proxy_pass //ws so WebSocket upgrades reach the collab service route.
  • project-doclet-app/service-go-document/Dockerfile: Multi-arch build support (--platform=$BUILDPLATFORM, ARG TARGETOS/ARG TARGETARCH, GOOS=$TARGETOS GOARCH=$TARGETARCH) and non-root USER.
  • project-doclet-app/service-go-collab/Dockerfile: Same multi-arch and non-root fixes.

Testing

Both Dockerfiles build successfully with docker build --build-arg TARGETOS=linux --build-arg TARGETARCH=amd64. docker buildx build --platform linux/amd64,linux/arm64 should also succeed for both Go services (cross-compilation avoids QEMU).

Related Issues

Fixes openchoreo/openchoreo#4029

@coderabbitai

coderabbitai Bot commented Jun 30, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Two Go service Dockerfiles now cross-compile for the target platform, and the webapp nginx template updates the collab WebSocket proxy path to /ws.

Changes

Doclet multi-arch and WebSocket fixes

Layer / File(s) Summary
Multi-arch Go builder stages
project-doclet-app/service-go-collab/Dockerfile, project-doclet-app/service-go-document/Dockerfile
Builder stages add --platform=$BUILDPLATFORM, ARG TARGETOS/ARG TARGETARCH, and GOOS/GOARCH in go build; runtime stages are unchanged.
nginx WebSocket proxy path correction
project-doclet-app/webapp-react-frontend/nginx.conf.template
The /ws/collab-svc proxy_pass target changes from ${COLLAB_SERVICE_URL}/ to ${COLLAB_SERVICE_URL}/ws.

Estimated code review effort: 1 (Trivial) | ~5 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed Title clearly summarizes the nginx WebSocket route fix and multi-arch Go build updates.
Linked Issues check ✅ Passed The changes match #4029: nginx proxy path, both Go Dockerfiles, and multi-arch build support with buildx verification.
Out of Scope Changes check ✅ Passed All changes are scoped to the doclet nginx route and Go Dockerfile build fixes described in the linked issue.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description check ✅ Passed The PR description covers the problem, changes, testing, and related issue, with only optional template sections omitted.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@LakshanSS LakshanSS left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BlackPool25
We need to use below format to fix the DCO check
git commit -s -m "your message"

@BlackPool25 BlackPool25 force-pushed the fix/issue-4029-doclet-ws-and-multiarch branch from d523148 to f9d4a6d Compare July 2, 2026 13:57
@BlackPool25

Copy link
Copy Markdown
Contributor Author

@BlackPool25 We need to use below format to fix the DCO check git commit -s -m "your message"

Heyyy I've updated the commit with the signoff please check it out

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🧹 Nitpick comments (1)
project-doclet-app/service-go-document/Dockerfile (1)

1-1: 🔒 Security & Privacy | 🔵 Trivial | ⚡ Quick win

Missing non-root USER in runtime stage is pre-existing.

Trivy flags DS-0002 (no USER directive), but the runtime stage (lines 11-14) is unchanged by this PR, so this predates the multi-arch fix. Worth addressing separately since the file is already being touched.

Also applies to: 11-14

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@project-doclet-app/service-go-document/Dockerfile` at line 1, The Dockerfile
runtime stage is still missing a non-root USER directive, which Trivy flags as
DS-0002. Update the final runtime stage of this Dockerfile to create/use a
non-root account and switch to it with a USER directive, keeping the multi-arch
builder change in place and applying the fix in the runtime section rather than
the builder stage.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@project-doclet-app/service-go-collab/Dockerfile`:
- Line 1: The runtime stage still runs the app as root, so update the
Dockerfile’s final stage to use a non-root account before the CMD. Add or reuse
a suitable user in the runtime stage and switch with a USER instruction in the
final image, ensuring the container starts under that account instead of root.

---

Nitpick comments:
In `@project-doclet-app/service-go-document/Dockerfile`:
- Line 1: The Dockerfile runtime stage is still missing a non-root USER
directive, which Trivy flags as DS-0002. Update the final runtime stage of this
Dockerfile to create/use a non-root account and switch to it with a USER
directive, keeping the multi-arch builder change in place and applying the fix
in the runtime section rather than the builder stage.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a4d583db-5793-4227-8996-9aabc9158809

📥 Commits

Reviewing files that changed from the base of the PR and between d523148 and f9d4a6d.

📒 Files selected for processing (3)
  • project-doclet-app/service-go-collab/Dockerfile
  • project-doclet-app/service-go-document/Dockerfile
  • project-doclet-app/webapp-react-frontend/nginx.conf.template
🚧 Files skipped from review as they are similar to previous changes (1)
  • project-doclet-app/webapp-react-frontend/nginx.conf.template

Comment thread project-doclet-app/service-go-collab/Dockerfile
@BlackPool25 BlackPool25 requested a review from LakshanSS July 2, 2026 14:06
Apply two uncommitted fixes from the doclet bring-up:
- Change collab proxy_pass from / to /ws so WebSocket upgrades
  reach the correct route
- Add --platform=$BUILDPLATFORM, ARG TARGETOS/TARGETARCH, and
  cross-compilation flags to both Go Dockerfiles for multi-arch
  builds without QEMU emulation
- Run runtime stage as non-root user (Trivy DS-0002)

Fixes openchoreo/openchoreo#4029

Signed-off-by: Shreyas Joshi <shreyasjoshi2511@gmail.com>
@BlackPool25 BlackPool25 force-pushed the fix/issue-4029-doclet-ws-and-multiarch branch from f9d4a6d to a749c21 Compare July 2, 2026 14:08

@Mirage20 Mirage20 left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR looks good. I am merging now. Thank you for the PR @BlackPool25.

@Mirage20 Mirage20 merged commit 85b81ec into openchoreo:main Jul 2, 2026
2 checks passed
@BlackPool25 BlackPool25 deleted the fix/issue-4029-doclet-ws-and-multiarch branch July 2, 2026 14:47
@BlackPool25

Copy link
Copy Markdown
Contributor Author

Glad to contribute :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix doclet nginx WebSocket route and multi-arch Go Dockerfiles

3 participants