Syncing up main to development

[NickSavino]

PR Type

Bug fix

---

Description

• Fixed shell script execution by adding explicit bash command

• Corrected escape sequence in database URL variable reference

• Improved script reliability and portability across environments

---

Diagram Walkthrough

flowchart LR
  A["Deploy/Migrate Scripts"] -->|Add bash prefix| B["Explicit bash execution"]
  A -->|Fix escaping| C["Correct variable interpolation"]
  B --> D["Improved reliability"]
  C --> D

Loading

File Walkthrough

Relevant files

Bug fix

deploy_via_ssm.sh Add bash prefix to script execution                                            scripts/ci/deploy_via_ssm.sh Added explicit bash command prefix to script invocation Changed from ./scripts/ci/ssm_run_and_wait.sh to bash ./scripts/ci/ssm_run_and_wait.sh Ensures script runs in bash shell regardless of system defaults +1/-1      migrate_via_ssm.sh Fix escape sequence and add bash prefix                                    scripts/ci/migrate_via_ssm.sh Added explicit bash command prefix to script invocation Fixed escape sequence in GOOSE_DBSTRING variable from \\$DBURL to \$DBURL Ensures proper variable interpolation and script execution in bash shell +2/-2

---

Summary by CodeRabbit

Release Notes

• Chores
  • Updated deployment and migration scripts to improve execution reliability and configuration handling.

[coderabbitai]

📝 Walkthrough

Walkthrough

Two deployment scripts in the CI pipeline are updated to explicitly invoke bash for script execution and adjust variable escaping in a docker command. The changes modify how scripts are called and how environment variables are passed to containers.

Changes

Cohort / File(s)	Summary
Explicit Bash Invocation scripts/ci/deploy_via_ssm.sh, scripts/ci/migrate_via_ssm.sh	Changed script invocation from ./scripts/ci/ssm_run_and_wait.sh to bash ./scripts/ci/ssm_run_and_wait.sh to explicitly call bash interpreter.
Variable Escaping Fix scripts/ci/migrate_via_ssm.sh	Removed redundant escape character in docker environment variable: GOOSE_DBSTRING="\\$DBURL" → GOOSE_DBSTRING="\$DBURL"

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 With bash explicitly called, our scripts now run so clear,
No more implicit shebangs causing CI cheer,
Variable escaping pruned—one backslash less to fear,
Deployment flows forward with precision this year! 🚀

---

Note

🎁 Summarized by CodeRabbit Free

Your organization is on the Free plan. CodeRabbit will generate a high-level summary and a walkthrough for each pull request. For a comprehensive line-by-line review, please upgrade your subscription to CodeRabbit Pro by visiting https://app.coderabbit.ai/login.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Use script’s absolute path Use the script's absolute path to invoke ./scripts/ci/ssm_run_and_wait.sh. This ensures the script can be found regardless of the directory from which it is executed. scripts/ci/deploy_via_ssm.sh [37] -bash ./scripts/ci/ssm_run_and_wait.sh "${COMMANDS_JSON}" +SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +bash "$SCRIPT_DIR/ssm_run_and_wait.sh" "${COMMANDS_JSON}" Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies a potential issue where the script might fail if run from a different directory and proposes a robust solution using an absolute path, improving script reliability.	Low
More