feat: add --image-mount flag to bake images-to-mount init scripts#121
feat: add --image-mount flag to bake images-to-mount init scripts#121feloy wants to merge 3 commits into
Conversation
|
Warning Review limit reached
Next review available in: 37 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (3)
📝 WalkthroughWalkthroughThe PR adds ChangesImage-mount build path
Estimated code review effort: 4 (Complex) | ~60 minutes Possibly related PRs
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
src/main.rs (1)
152-165: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚖️ Poor tradeoff
run()accepts 12 positional parameters, several of the same type.Adjacent params like
with_policy: bool, with_agent_settings: bool(and now withimage_mountsinserted between other options) make call sites error-prone to read and easy to reorder incorrectly since the compiler won't catch a swap of twobool/Option<&str>args. The PR already introducesContainerfileOptionsfor the siblingcontainerfile::generatecall — applying the same pattern torun()would be more consistent and safer for future flag additions.This would require updating the ~15 test call sites in this same file, so it's a larger change; flagging for awareness rather than as a blocking issue.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/main.rs` around lines 152 - 165, run() has too many positional arguments, including multiple adjacent bool and Option<&str> parameters, which makes call sites easy to mix up. Refactor the run() API to take a single options struct, similar to ContainerfileOptions used for containerfile::generate, and update the internal callers and test call sites in main.rs to pass that struct instead of many positional args. Use the run function and the nearby ContainerfileOptions pattern as the main references when locating the change.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/containerfile.rs`:
- Around line 256-264: The init_for_printf helper currently escapes backslashes,
newlines, and single quotes, but it still leaves percent signs unescaped, which
can break shell printf formatting for user-provided init text. Update
init_for_printf to also escape % by doubling it before wrapping it in the
single-quoted printf string, and add a regression test covering an init value
containing % so the emitted containerfile output stays literal.
In `@src/image_mount.rs`:
- Around line 54-60: The URL branch in load_yaml_content currently uses the
default ureq::get(...).call(), which leaves socket timeouts unset and can block
indefinitely on slow or stalled URLs. Update the HTTP fetch path to use a
ureq::Agent configured with explicit read and write timeouts, then perform the
request through that agent instead of the default client. Keep the file path
branch unchanged and make sure the timeout-configured client is used only in the
HTTP/HTTPS branch of load_yaml_content.
In `@src/main.rs`:
- Around line 223-237: The image mount setup currently allows multiple
`--image-mount` entries to resolve to the same mount name and silently merge
their init snippets. Add a duplicate-name check in the `src/main.rs` flow that
builds `image_mount_inits` before calling `containerfile::generate`, using the
mount-name derivation from `image_mount::mount_name`/`load_init` to detect
collisions and return an error when two entries map to the same mount path. Keep
the fix localized to the image-mount collection path so
`containerfile::generate` only receives unique mount names.
---
Nitpick comments:
In `@src/main.rs`:
- Around line 152-165: run() has too many positional arguments, including
multiple adjacent bool and Option<&str> parameters, which makes call sites easy
to mix up. Refactor the run() API to take a single options struct, similar to
ContainerfileOptions used for containerfile::generate, and update the internal
callers and test call sites in main.rs to pass that struct instead of many
positional args. Use the run function and the nearby ContainerfileOptions
pattern as the main references when locating the change.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: c1ff4a49-4991-42cc-bb9c-784ce7661bab
📒 Files selected for processing (5)
README.mdsrc/containerfile.rssrc/image_mount.rssrc/main.rstests/integration_test.rs
✅ Files skipped from review due to trivial changes (1)
- README.md
Add support for loading images-to-mount YAML files and appending their shell init snippets to /sandbox/.bashrc and /sandbox/.zshrc inside the built image. - src/image_mount.rs (new): parse images-to-mount YAML files (local path or URL), derive the mount name from the filename stem, and replace $MOUNT with /sandbox/mnt/<name> in the init value. - src/containerfile.rs: introduce ContainerfileOptions struct to replace the positional argument list in generate(); add image_mount_inits field that emits printf calls appending each resolved init snippet to .bashrc and .zshrc in the same RUN layer that creates the profile files; add init_for_printf() helper that escapes backslashes, newlines, and single quotes for safe use in a single-quoted shell printf argument; add unit tests covering ordering, multiple mounts, single-quote escaping, and the no-mount-no-zshrc invariant. - src/main.rs: add --image-mount <PATH|URL> CLI flag (clap Append action, repeatable); thread image_mounts through run(); add unit tests for single mount, multiple mounts, and invalid path error. - tests/integration_test.rs: add image_mount module with integration tests (marked #[ignore] for those requiring podman) covering .bashrc and .zshrc content, sandbox ownership, and absence of .zshrc when the flag is not used; add non-ignored binary smoke-test for the invalid-path error path; register cleanup of the new test image tag. - README.md: document the new flag — YAML format, $MOUNT substitution rule, files written, CLI examples, and option table entry. Co-authored-by: Claude <claude@anthropic.com> Signed-off-by: Philippe Martin <phmartin@redhat.com>
mount_name() was using rsplit('/') to extract the filename from all
inputs. On Windows, local temp paths use backslash separators, so
the entire path was returned as the "last component" instead of just
the filename, producing broken mount paths like:
/sandbox/mnt/C:\Users\...\curl.yaml
Fix by delegating to std::path::Path::file_name() for local paths,
which handles OS-native separators correctly. URL inputs (http/https)
continue to use rsplit('/') since URL paths always use forward slashes.
Co-authored-by: Claude <claude@anthropic.com>
Signed-off-by: Philippe Martin <phmartin@redhat.com>
- Escape % in init_for_printf so printf does not treat user-provided init text (e.g. export DATE_FMT=%Y-%m-%d) as format specifiers; add regression test. - Add explicit 30 s read/write timeouts to the ureq agent used when fetching --image-mount URLs to prevent indefinite blocking. - Reject duplicate --image-mount entries that resolve to the same mount name before calling containerfile::generate. Co-authored-by: Claude <claude@anthropic.com> Signed-off-by: Philippe Martin <phmartin@redhat.com>
Add support for loading images-to-mount YAML files and appending their shell init snippets to /sandbox/.bashrc and /sandbox/.zshrc inside the built image.
src/image_mount.rs (new): parse images-to-mount YAML files (local path or URL), derive the mount name from the filename stem, and replace $MOUNT with /sandbox/mnt/ in the init value.
src/containerfile.rs: introduce ContainerfileOptions struct to replace the positional argument list in generate(); add image_mount_inits field that emits printf calls appending each resolved init snippet to .bashrc and .zshrc in the same RUN layer that creates the profile files; add init_for_printf() helper that escapes backslashes, newlines, and single quotes for safe use in a single-quoted shell printf argument; add unit tests covering ordering, multiple mounts, single-quote escaping, and the no-mount-no-zshrc invariant.
src/main.rs: add --image-mount <PATH|URL> CLI flag (clap Append action, repeatable); thread image_mounts through run(); add unit tests for single mount, multiple mounts, and invalid path error.
tests/integration_test.rs: add image_mount module with integration tests (marked #[ignore] for those requiring podman) covering .bashrc and .zshrc content, sandbox ownership, and absence of .zshrc when the flag is not used; add non-ignored binary smoke-test for the invalid-path error path; register cleanup of the new test image tag.
README.md: document the new flag — YAML format, $MOUNT substitution rule, files written, CLI examples, and option table entry.
How to use: