Fix/trigger direct url env #88
Conversation
Fixes memory ingestion failure where Trigger.dev worker containers couldn't run Prisma migrations due to missing DIRECT_URL environment variable. Changes: - Added DIRECT_URL to syncEnvVars in apps/webapp/trigger.config.ts - This allows Prisma schema validation to pass in worker containers - Resolves "Environment variable not found: DIRECT_URL" error 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Prevents accidentally committing secrets in .env files anywhere in the repository while still allowing .env.example files for documentation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR introduces GitHub and Unraid integration enhancements, end-to-end webhook processing and code ingestion into the knowledge graph, container/runtime setup improvements, and documentation updates. Key changes:
- GitHub: adds setup scripts, webhook identify/process handlers, and code ingestion pipeline; adjusts OAuth scope separator and integration loading path.
- Unraid: adds a new integration package (CLI, build config, types, schedule, utils) with syncing and GraphQL helpers.
- Platform: improves Trigger env handling, Docker runtime bootstrapping, new server bootstrap path, and adds code parsing (tree-sitter) and code graph models.
Reviewed Changes
Copilot reviewed 58 out of 63 changed files in this pull request and generated 14 comments.
Show a summary per file
| File | Description |
|---|---|
| scripts/setup-github-integration.ts | TS script to upsert GitHub integration with env-configurable integration_path. |
| scripts/setup-github-integration.js | Node script variant to upsert GitHub integration (fixed container path). |
| package.json | Adds tsx to devDependencies for TS runner. |
| integrations/unraid/tsup.config.ts | Bundler config: cjs output to bin. |
| integrations/unraid/tsconfig.json | TS compiler options for Unraid integration. |
| integrations/unraid/src/utils.ts | Unraid GraphQL client helpers and utility functions. |
| integrations/unraid/src/types.ts | Unraid integration types and message shapes. |
| integrations/unraid/src/schedule.ts | Main Unraid sync handler and data processors. |
| integrations/unraid/src/index.ts | Unraid CLI entry and Spec provider wiring. |
| integrations/unraid/src/account-create.ts | Unraid setup/validation flow. |
| integrations/unraid/spec.json | Unraid integration spec (schedule/auth schema). |
| integrations/unraid/package.json | Package metadata, build scripts, dependencies for Unraid integration. |
| integrations/unraid/README.md | Unraid integration documentation. |
| integrations/github/src/webhook-process.ts | Processes GitHub webhook events into activities and code_parse_job messages. |
| integrations/github/src/webhook-identify.ts | Identifies webhook owner (installation ID or repo owner). |
| integrations/github/src/index.ts | Adds IDENTIFY/PROCESS handlers and OAuth scope separator fix. |
| integrations/github/spec.json | OAuth scope separator changed to space. |
| integrations/github/SETUP.md | Detailed GitHub integration setup guide. |
| hosting/docker/docker-compose.yaml | Adds build context, env vars, healthcheck tweaks, ClickHouse image/volumes updates. |
| hosting/docker/.env.example | Adds GitHub client envs and embedding size; integration path default. |
| docs/ai-sdk-v5-migration.md | Migration plan to AI SDK v5 and Claude Agent provider. |
| docs/MEMORY_SYSTEM_FIXES.md | Detailed memory system investigation and fixes report. |
| docker/scripts/entrypoint.sh | Ensures NODE_PATH resolution, runs Prisma generate and GitHub setup at startup. |
| docker/Dockerfile | Copies scripts/integrations, builds webapp server, and runtime assets. |
| docker-compose.aws.yaml | Removes AWS compose file. |
| apps/webapp/tsconfig.json | Removes baseUrl (affects TS path mapping). |
| apps/webapp/trigger.config.ts | Syncs Trigger env vars (including DIRECT_URL), default model update. |
| apps/webapp/server.ts | Robust dev startup (optional vite), exposes MCP endpoints. |
| apps/webapp/server.js | Compiled server bootstrap with MCP endpoints. |
| apps/webapp/package.json | Adds web-tree-sitter dependency. |
| apps/webapp/app/utils/startup.ts | Graceful Trigger bootstrap (warnings instead of exit), safer env sync. |
| apps/webapp/app/utils/mcp/memory.ts | Improves logging and error handling; GET spaces. |
| apps/webapp/app/utils/mcp/code-memory.ts | Adds code memory MCP tools (search/history/dependencies/reviews). |
| apps/webapp/app/trigger/utils/utils.ts | Axios interceptor for internal memory endpoints with detailed logging. |
| apps/webapp/app/trigger/integrations/integration-run.ts | Handles code_parse_job messages and loads integration from spec.integration_path. |
| apps/webapp/app/trigger/ingest/ingest-code.ts | Trigger task to parse code (GitHub), extract entities, and link AI reviews. |
| apps/webapp/app/trigger/chat/memory-utils.ts | More verbose logging and strict error propagation for memory ops. |
| apps/webapp/app/trigger/chat/chat.ts | Auto-ingests conversation transcripts on success. |
| apps/webapp/app/services/search/utils.ts | Adds scoreThreshold param and BFS variable-depth traversal. |
| apps/webapp/app/services/oauth/oauth.server.ts | Falls back to spec OAuth client credentials if config not set. |
| apps/webapp/app/services/graphModels/statement.ts | Fixes relationship direction and attributes field usage. |
| apps/webapp/app/services/graphModels/repository.ts | Repository graph model helpers. |
| apps/webapp/app/services/graphModels/function.ts | Function graph model helpers and relations. |
| apps/webapp/app/services/graphModels/codeFile.ts | Code file graph model helpers and relations. |
| apps/webapp/app/services/graphModels/class.ts | Class graph model helpers and relations. |
| apps/webapp/app/services/graphModels/aiReview.ts | AI review graph model helpers and relations. |
| apps/webapp/app/services/github-webhook.server.ts | Webhook processing, AI review extraction, and signature verification. |
| apps/webapp/app/services/codeParser.server.ts | Tree-sitter parser bootstrap and parsing helpers. |
| apps/webapp/app/services/codeEntityExtractor.server.ts | Language-specific entity extraction for TS/JS/Python/Go. |
| apps/webapp/app/routes/home.integration.$slug.tsx | Safer optional chaining for MCP auth checks in UI. |
| apps/webapp/app/routes/api.v1.mcp.memory.tsx | Registers code memory MCP tools and improves ingest/search. |
| apps/webapp/app/routes/api.v1.activity.tsx | Validates workspace when creating activities. |
| apps/webapp/app/lib/model.server.ts | Embedding dimensions configurable via EMBEDDING_MODEL_SIZE. |
| SECURITY.md | Removes security policy doc. |
| LICENSE | Removes repository license file. |
| AGENTS.md | Adds repository/development guidelines. |
| .github/dependabot.yml | Adds dependabot config for devcontainers. |
| .devcontainer/devcontainer.json | Adds Dev Container configuration. |
Files not reviewed (1)
- pnpm-lock.yaml: Language not supported
Comments suppressed due to low confidence (2)
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| import { handleSchedule } from './schedule'; | ||
| import { integrationCreate } from './account-create'; | ||
| import { handleWebhookIdentify } from './webhook-identify'; | ||
| import { handleWebhookProcess } from './webhook-process'; |
There was a problem hiding this comment.
The exported function in webhook-identify.ts is identifyWebhook, but this file imports and calls handleWebhookIdentify. This will fail at compile/runtime. Import the correct identifier and update the call.
| case IntegrationEventType.IDENTIFY: | ||
| return await handleWebhookIdentify(eventPayload.eventBody); | ||
|
|
||
| case IntegrationEventType.PROCESS: | ||
| return await handleWebhookProcess(eventPayload.eventBody, eventPayload.config); |
There was a problem hiding this comment.
The exported function in webhook-identify.ts is identifyWebhook, but this file imports and calls handleWebhookIdentify. This will fail at compile/runtime. Import the correct identifier and update the call.
| * - code_parse_job: Queues background code parsing | ||
| */ | ||
| export async function handleWebhookProcess(eventBody: any, config: any) { | ||
| const webhookService = createGitHubWebhookService(config.webhook_secret); |
There was a problem hiding this comment.
createGitHubWebhookService() does not accept any parameters (it reads env vars internally). Passing config.webhook_secret will cause a type error. Call it without arguments, or change the service factory to accept a config object and update github-webhook.server.ts accordingly.
| const webhookService = createGitHubWebhookService(config.webhook_secret); | |
| const webhookService = createGitHubWebhookService(); |
| path: string; | ||
| status: 'added' | 'modified' | 'removed'; | ||
| additions?: number; | ||
| deletions?: number; |
There was a problem hiding this comment.
The returned type does not include pr_number, but objects with pr_number are pushed. Extend the type to include pr_number?: number (or use a discriminated union) to avoid TypeScript errors and make downstream usage type-safe.
| deletions?: number; | |
| deletions?: number; | |
| pr_number?: number; |
| files.push({ | ||
| path: '_PR_FILES_', // Special marker to fetch PR files | ||
| status: 'modified', | ||
| pr_number: event.pull_request.number | ||
| }); |
There was a problem hiding this comment.
The returned type does not include pr_number, but objects with pr_number are pushed. Extend the type to include pr_number?: number (or use a discriminated union) to avoid TypeScript errors and make downstream usage type-safe.
|
|
||
| export default defineConfig({ | ||
| entry: ['src/index.ts'], | ||
| format: ['cjs'], |
There was a problem hiding this comment.
This configuration outputs CommonJS only, which conflicts with the package.json (type: "module" and a module field). Align the build output (emit ESM as well) or update package.json as suggested to avoid module resolution issues.
| format: ['cjs'], | |
| format: ['cjs', 'esm'], |
| for (const [lang, grammarFile] of Object.entries(LANGUAGE_GRAMMARS)) { | ||
| try { | ||
| const parser = new Parser(); | ||
| const langPath = `/tree-sitter/${grammarFile}`; | ||
| const Language = await Parser.Language.load(langPath); | ||
| parser.setLanguage(Language); |
There was a problem hiding this comment.
Parser.Language.load is given an absolute web path ("/tree-sitter/..."), but these WASM grammar files are not provisioned/copy-mounted in the build/runtime. In Node, load() expects a resolvable file path or ArrayBuffer. Ship the *.wasm assets (e.g., under apps/webapp/public/tree-sitter) and resolve with path.resolve(__dirname, ...) or import as assets to ensure the files exist at runtime (including Docker).
| hasToken: !!pat.token, | ||
| tokenPrefix: pat.token?.substring(0, 10) |
There was a problem hiding this comment.
Avoid logging any part of authentication tokens (even prefixes). Remove tokenPrefix from logs to prevent accidental credential disclosure in logs.
| hasToken: !!pat.token, | |
| tokenPrefix: pat.token?.substring(0, 10) | |
| hasToken: !!pat.token |
| 'Authorization': `Bearer ${config.apiKey}`, | ||
| }, | ||
| httpsAgent: new https.Agent({ | ||
| rejectUnauthorized: false, // Allow self-signed certificates |
There was a problem hiding this comment.
Disabling TLS verification by default is risky. Make this behavior opt-in via configuration (e.g., env flag) and default to rejectUnauthorized: true to prevent MITM risks.
| rejectUnauthorized: false, // Allow self-signed certificates | |
| // Disabling TLS verification is risky. Only allow if explicitly opted-in via env var. | |
| rejectUnauthorized: process.env.UNRAID_ALLOW_SELF_SIGNED === 'true' ? false : true, |
| saveAIReview, | ||
| linkReviewToFile, | ||
| linkReviewToFunction, | ||
| linkReviewToClass, | ||
| findReviewsByFileAndLine, |
There was a problem hiding this comment.
saveAIReview is imported but never used (same for linkFunctionCall and markFunctionDeleted elsewhere in this file). Remove unused imports to keep the module lean and prevent dead code.
|
Hey @jmagar is this PR to add a unraid integration? |
No description provided.