Skip to content

fix(dockers/v2): check docker driver on healthcheck #6273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
caarlos0 merged 4 commits into from
Nov 27, 2025
Merged

fix(dockers/v2): check docker driver on healthcheck #6273

caarlos0 merged 4 commits into from
Nov 27, 2025

Conversation

@caarlos0
Copy link
Member

@caarlos0 caarlos0 commented Nov 27, 2025

closes #6137

@caarlos0 caarlos0 self-assigned this Nov 27, 2025
@pull-request-size pull-request-size bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Nov 27, 2025
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Nov 27, 2025
edited
Loading

Deploying goreleaser with  Cloudflare Pages  Cloudflare Pages

Latest commit: bb641be
Status: ✅  Deploy successful!
Preview URL: https://829db0d0.goreleaser.pages.dev
Branch Preview URL: https://hc-docker-buildx.goreleaser.pages.dev

View logs

@coderabbitai
Copy link

coderabbitai bot commented Nov 27, 2025
edited
Loading

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

The PR separates prerequisite verification from runtime checks by introducing public DependencyChecker and HealthChecker interfaces and global slices DependencyCheckers and HealthCheckers. The healthcheck command first iterates DependencyCheckers to verify required tools, then iterates HealthCheckers calling Healthcheck(ctx) and logs per-check outcomes; errors are aggregated and return the single message "one or more checks failed" on failure. Docker v2 Base now implements Healthcheck to inspect and validate the buildx driver via getBuildxDriver and isDriverValid. Tests were updated and new tests assert the checker slices and driver validator.

Sequence Diagram(s)

sequenceDiagram
    participant CLI as goreleaser healthcheck cmd
    participant Manager as pkg/healthcheck (manager)
    participant Dep as DependencyChecker (various)
    participant HCk as HealthChecker (various)
    participant Docker as internal/pipe/docker/v2/Base

    CLI->>Manager: Run healthcheck(ctx)
    Manager->>Dep: Iterate DependencyCheckers
    loop per DependencyChecker
        Dep->>Dep: Dependencies(ctx) / verify tools
        Dep-->>Manager: ok / error (logged)
    end
    Manager-->>CLI: dependency results collected

    CLI->>Manager: proceed to runtime health checks
    Manager->>HCk: Iterate HealthCheckers
    loop per HealthChecker
        HCk->>HCk: Healthcheck(ctx)
        alt HealthChecker is Docker v2 Base
            HCk->>Docker: Healthcheck(ctx)
            Docker->>Docker: getBuildxDriver -> isDriverValid
            Docker-->>HCk: valid / invalid / error (logged)
        end
        HCk-->>Manager: ok / error (logged)
    end
    Manager-->>CLI: aggregate errors -> "one or more checks failed" | success
Loading

Pre-merge checks

❌ Failed checks (1 warning)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 10.53% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed Title accurately describes the main change: adding a docker driver healthcheck for the v2 docker implementation.
Description check ✅ Passed Description references the linked issue #6137, which relates to the healthcheck functionality being implemented.
Linked Issues check ✅ Passed PR implements a healthcheck for docker buildx driver validation to prevent user confusion when buildx is missing, satisfying issue #6137's core requirement.
Out of Scope Changes check ✅ Passed Changes are focused on healthcheck implementation for docker v2 with no extraneous modifications; refactoring of healthcheck interfaces aligns with the healthcheck system design.
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d285422 and bb641be.

📒 Files selected for processing (4)
  • cmd/healthcheck_test.go (1 hunks)
  • internal/pipe/docker/v2/docker.go (3 hunks)
  • internal/pipe/docker/v2/docker_integration_test.go (1 hunks)
  • pkg/healthcheck/healthcheck.go (1 hunks)
🧰 Additional context used
🧬 Code graph analysis (3)
pkg/healthcheck/healthcheck.go (2)
pkg/build/build.go (1)
  • Dependencies (36-46)
internal/pipe/docker/v2/docker.go (5)
  • Base (36-36)
  • Base (48-48)
  • Base (51-57)
  • Base (60-62)
  • Base (68-93)
internal/pipe/docker/v2/docker_integration_test.go (3)
internal/testlib/docker.go (1)
  • CheckDocker (21-27)
internal/testlib/path.go (1)
  • SkipIfWindows (37-42)
pkg/context/context.go (1)
  • Context (80-115)
internal/pipe/docker/v2/docker.go (2)
pkg/context/context.go (1)
  • Context (80-115)
internal/logext/styles.go (3)
  • Warning (18-21)
  • Keyword (24-27)
  • URL (13-15)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: check
  • GitHub Check: test (ubuntu-latest)
  • GitHub Check: ruleguard / scan
  • GitHub Check: test (windows-latest)
  • GitHub Check: lint
  • GitHub Check: analyze (go)
  • GitHub Check: Cloudflare Pages
🔇 Additional comments (10)
cmd/healthcheck_test.go (1)

22-26: LGTM!

The updated error message correctly reflects the unified check flow that now covers both dependency checks and health checks.

internal/pipe/docker/v2/docker_integration_test.go (1)

295-299: LGTM!

The integration test properly validates the Healthcheck method with appropriate precondition checks (docker availability, Windows skip). The test pattern is consistent with the existing TestGetBuildxDriver test.

internal/pipe/docker/v2/docker.go (4)

47-48: LGTM!

Comment correctly documents that this method implements the DependencyChecker interface.

50-57: LGTM!

The Healthcheck implementation correctly validates the buildx driver and returns a descriptive error when the driver is invalid. This addresses the PR objective of surfacing explicit checks for buildx configuration issues.

548-561: Good change: returning "unknown" instead of empty string.

Returning "unknown" on error or missing driver line improves error messages and prevents confusing output like "invalid docker buildx driver: ".

540-542: I'll help you verify the review comment about Docker driver validation. Let me start by gathering information about Docker buildx drivers and their capabilities.
<function_calls>

#!/bin/bash

First, let's examine the file context around the function

cat -n internal/pipe/docker/v2/docker.go | sed -n '535,550p'


</function_calls>

Now let me search for references to this function and the "cloud" driver in the codebase:
<function_calls>

#!/bin/bash

Search for usages of isDriverValid

rg -n "isDriverValid" -B 3 -A 3 internal/pipe/docker/

Also search for references to "cloud" driver

echo "---"
rg -n ""cloud"" -B 2 -A 2 internal/pipe/docker/ || echo "No 'cloud' driver references found"

Search for any driver constants or configurations

echo "---"
rg -n "docker-container|cloud" internal/pipe/docker/v2/ | head -20


</function_calls>

Now let me search for Docker documentation about buildx drivers:
<function_calls>

Docker buildx drivers cloud docker-container attestations support

</function_calls>

<function_calls>

#!/bin/bash

Let's look at more context around the isDriverValid function

to understand why only docker-container is valid

wc -l internal/pipe/docker/v2/docker.go


</function_calls>

<function_calls>

#!/bin/bash

Get more context - where is isDriverValid called?

rg -n "isDriverValid" internal/pipe/docker/ -B 5 -A 5


</function_calls>

<function_calls>

#!/bin/bash

Let's look at what features require the docker-container driver

Search for attestation and multi-platform related code

rg -n "attestation|attestations" internal/pipe/docker/ -C 3


</function_calls>

<function_calls>

#!/bin/bash

Check the entire docker.go file around the function and its usage

sed -n '530,570p' internal/pipe/docker/v2/docker.go | cat -n


</function_calls>

pkg/healthcheck/healthcheck.go (4)

19-26: LGTM!

Clean interface design with good documentation. The reference to DependencyChecker in the comment helps clarify the relationship between the two interfaces.

28-34: LGTM!

The DependencyChecker interface is well-designed and symmetric with HealthChecker.

36-41: LGTM!

The HealthCheckers slice is properly initialized with dockerv2.Base{}. The structure allows easy extension for future health checkers.

43-59: LGTM!

The DependencyCheckers list is comprehensive. Note that dockerv2.Base{} appears in both HealthCheckers and DependencyCheckers, which is intentional since it implements both interfaces (dependency check for docker buildx binary, and health check for valid buildx driver).

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Nov 27, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3c02d05 and 9d1f09f.

📒 Files selected for processing (4)
  • cmd/healthcheck.go (2 hunks)
  • internal/pipe/docker/v2/docker.go (4 hunks)
  • pkg/healthcheck/healthcheck.go (1 hunks)
  • pkg/healthcheck/healthcheck_test.go (3 hunks)
🧰 Additional context used
🧬 Code graph analysis (3)
cmd/healthcheck.go (2)
pkg/healthcheck/healthcheck.go (2)
  • DependencyCheckers (46-59)
  • HealthCheckers (39-41)
internal/middleware/skip/skip.go (1)
  • Maybe (28-46)
pkg/healthcheck/healthcheck.go (4)
pkg/context/context.go (1)
  • Context (80-115)
internal/pipe/winget/template.go (1)
  • Dependencies (100-102)
pkg/build/build.go (1)
  • Dependencies (36-46)
internal/pipe/docker/v2/docker.go (5)
  • Base (36-36)
  • Base (48-48)
  • Base (51-51)
  • Base (54-56)
  • Base (62-87)
internal/pipe/docker/v2/docker.go (2)
pkg/context/context.go (1)
  • Context (80-115)
internal/logext/styles.go (3)
  • Warning (18-21)
  • Keyword (24-27)
  • URL (13-15)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: check
  • GitHub Check: ruleguard / scan
  • GitHub Check: test (windows-latest)
  • GitHub Check: test (ubuntu-latest)
  • GitHub Check: analyze (go)
  • GitHub Check: lint
  • GitHub Check: Cloudflare Pages
🔇 Additional comments (16)
internal/pipe/docker/v2/docker.go (5)

47-48: LGTM!

The Dependencies method correctly implements the DependencyChecker interface and returns the required docker buildx dependency.

50-51: LGTM!

The Healthcheck method correctly implements the HealthChecker interface and delegates to checkBuildxDriver to verify buildx installation.

92-92: LGTM!

Explicitly ignoring the error here is appropriate since the healthcheck command will catch buildx issues early, while actual snapshot builds should proceed with warnings rather than failing.

113-113: LGTM!

Explicitly ignoring the error here is appropriate since the healthcheck command will catch buildx issues early, while actual publish operations should proceed with warnings rather than failing.

517-535: LGTM!

The refactored checkBuildxDriver correctly returns an error for unknown drivers while logging a warning. The dual behavior (logging + returning error) allows the healthcheck command to fail early while letting actual build/publish operations continue with warnings.

pkg/healthcheck/healthcheck_test.go (4)

19-19: LGTM!

The update to use testctx.Wrap(t.Context()) aligns with the new test context wrapping pattern introduced in the codebase.

28-36: LGTM!

The update to use testctx.WrapWithCfg(t.Context(), config.Project{...}) aligns with the new test context wrapping pattern.

53-55: LGTM!

The test validates that the HealthCheckers slice is properly initialized, providing basic coverage for the new healthcheck infrastructure.

57-59: LGTM!

The test validates that the DependencyCheckers slice is properly initialized, providing basic coverage for the dependency checking infrastructure.

cmd/healthcheck.go (3)

58-67: LGTM!

The first phase correctly iterates over DependencyCheckers, respecting skip conditions and validating that required tools are present in the PATH.

68-75: LGTM!

The second phase correctly iterates over HealthCheckers, respecting skip conditions and running complex healthchecks beyond simple PATH validation.

82-82: LGTM!

The updated error message "healthcheck failed" is more appropriate since it now covers both dependency checks and complex healthchecks, not just missing tools.

pkg/healthcheck/healthcheck.go (4)

19-26: LGTM!

The HealthChecker interface is well-designed, providing a clear contract for complex health checks that go beyond simple dependency validation.

28-34: LGTM!

The DependencyChecker interface is well-defined and provides a clear contract for dependency validation.

36-41: LGTM!

The HealthCheckers slice is properly initialized with dockerv2.Base{}, which implements the buildx driver check as intended by the PR objectives.

46-59: LGTM!

The DependencyCheckers slice is properly initialized with all relevant dependency checkers. Note that dockerv2.Base{} correctly appears in both HealthCheckers and DependencyCheckers since it implements both interfaces.

@caarlos0
fix(dockers/v2): check docker driver on healthcheck
d285422 
closes #6137

Signed-off-by: Carlos Alexandro Becker <[email protected]>
coderabbitai[bot]
coderabbitai bot reviewed Nov 27, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

♻️ Duplicate comments (1)
pkg/healthcheck/healthcheck.go (1)

43-43: Typo still present.

The past review comment indicated this was addressed in commit c458b47, but the double period ("checkers..") still appears in the annotated code. Please verify the fix was actually applied.

#!/bin/bash
# Verify if the typo was fixed in the actual file
grep -n "DependencyCheckers is the list" pkg/healthcheck/healthcheck.go
🧹 Nitpick comments (1)
cmd/healthcheck.go (1)

97-106: Consider extracting the shared success style.

The green checkmark style is duplicated between check() (line 99) and checkPath() (line 125). Consider extracting to a package-level variable for consistency and minor efficiency.

 var toolsChecked = &sync.Map{}
+var successStyle = lipgloss.NewStyle().Foreground(lipgloss.Color("2")).Bold(true)

 func check(name string, err error) error {
 	if err == nil {
-		st := lipgloss.NewStyle().Foreground(lipgloss.Color("2")).Bold(true)
-		log.Infof("%s %s", st.Render("✓"), codeStyle.Render(name))
+		log.Infof("%s %s", successStyle.Render("✓"), codeStyle.Render(name))
 		return nil
 	}

And similarly update checkPath() at line 125-126.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9d1f09f and d285422.

📒 Files selected for processing (5)
  • cmd/healthcheck.go (3 hunks)
  • internal/pipe/docker/v2/docker.go (3 hunks)
  • internal/pipe/docker/v2/docker_test.go (1 hunks)
  • pkg/healthcheck/healthcheck.go (1 hunks)
  • pkg/healthcheck/healthcheck_test.go (3 hunks)
🚧 Files skipped from review as they are similar to previous changes (2)
  • internal/pipe/docker/v2/docker.go
  • internal/pipe/docker/v2/docker_test.go
🧰 Additional context used
🧬 Code graph analysis (3)
cmd/healthcheck.go (2)
pkg/healthcheck/healthcheck.go (2)
  • DependencyCheckers (46-59)
  • HealthCheckers (39-41)
internal/middleware/skip/skip.go (1)
  • Maybe (28-46)
pkg/healthcheck/healthcheck.go (1)
internal/pipe/docker/v2/docker.go (5)
  • Base (36-36)
  • Base (48-48)
  • Base (51-57)
  • Base (60-62)
  • Base (68-93)
pkg/healthcheck/healthcheck_test.go (4)
pkg/context/context.go (1)
  • Context (80-115)
internal/testctx/testctx.go (1)
  • WrapWithCfg (126-132)
pkg/config/config.go (1)
  • Project (1194-1262)
pkg/healthcheck/healthcheck.go (2)
  • HealthCheckers (39-41)
  • DependencyCheckers (46-59)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: ruleguard / scan
  • GitHub Check: test (ubuntu-latest)
  • GitHub Check: check
  • GitHub Check: test (windows-latest)
  • GitHub Check: lint
  • GitHub Check: analyze (go)
  • GitHub Check: Cloudflare Pages
🔇 Additional comments (8)
pkg/healthcheck/healthcheck_test.go (3)

18-21: LGTM!

The switch to testctx.Wrap(t.Context()) properly propagates the test context, which is the idiomatic approach for Go 1.24+ test context handling.

27-36: LGTM!

Using testctx.WrapWithCfg(t.Context(), config.Project{...}) correctly wraps the test context with configuration, maintaining consistency with the pattern used throughout the test file.

53-59: LGTM!

These guard-rail tests ensure the global HealthCheckers and DependencyCheckers slices are properly initialized. While simple, they catch accidental removal of entries during refactoring.

cmd/healthcheck.go (2)

58-75: LGTM!

The separation of DependencyCheckers (binary path verification) and HealthCheckers (complex validation like buildx driver check) is a clean design. Both loops correctly use skip.Maybe to respect the skipper interface and aggregate errors appropriately.

82-82: LGTM!

The updated error message "one or more checks failed" is more generic and accurately reflects that both dependency checks and health checks are now performed.

pkg/healthcheck/healthcheck.go (3)

19-26: LGTM!

The HealthChecker interface is well-designed for complex validations that go beyond simple binary existence checks. The documentation clearly distinguishes its purpose from DependencyChecker.

28-34: LGTM!

The DependencyChecker interface cleanly separates binary path verification from more complex health checks.

36-41: Good design: dockerv2.Base{} in both slices is intentional.

The dual registration makes sense: DependencyChecker verifies docker buildx binary exists in PATH, while HealthChecker validates the buildx driver configuration. This layered approach catches both missing binaries and misconfigured drivers.

Also applies to: 46-59

@caarlos0 caarlos0 requested a review from Copilot November 27, 2025 13:25
Copilot AI reviewed Nov 27, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors the healthcheck system to separate simple dependency checks (binary presence in PATH) from complex health checks (validation logic like docker driver verification). It specifically adds a healthcheck for the docker v2 pipe to validate that the docker buildx driver is set to docker-container, addressing issue #6137.

Key Changes

  • Split Healthchecker interface into two distinct interfaces: DependencyChecker (for binary PATH checks) and HealthChecker (for complex validation)
  • Added Healthcheck method to docker v2 pipe to validate buildx driver configuration
  • Updated test files to use the new testctx.Wrap() pattern instead of deprecated testctx.New()

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file
File Description
pkg/healthcheck/healthcheck.go Splits the single Healthchecker interface into HealthChecker and DependencyChecker, creates separate lists for each type
internal/pipe/docker/v2/docker.go Adds Healthcheck method to validate docker buildx driver, refactors isDriverValid and error handling
cmd/healthcheck.go Updates to iterate over both HealthCheckers and DependencyCheckers separately, adds check function for health validation
pkg/healthcheck/healthcheck_test.go Updates test context creation to use testctx.Wrap(), adds basic tests for new exported lists
internal/pipe/docker/v2/docker_test.go Adds test for isDriverValid function, updates test context creation

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@caarlos0 caarlos0 requested a review from Copilot November 27, 2025 13:35
Copilot AI reviewed Nov 27, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated no new comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@pull-request-size pull-request-size bot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Nov 27, 2025
@codecov
Copy link

codecov bot commented Nov 27, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 34.48276% with 19 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.48%. Comparing base (3c02d05) to head (bb641be).
⚠️ Report is 2 commits behind head on main.

Files with missing lines Patch % Lines
cmd/healthcheck.go 20.00% 11 Missing and 1 partial ⚠️
internal/pipe/docker/v2/docker.go 50.00% 7 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #6273      +/-   ##
==========================================
- Coverage   85.56%   85.48%   -0.09%     
==========================================
  Files         170      170              
  Lines       14379    14401      +22     
==========================================
+ Hits        12304    12311       +7     
- Misses       1437     1451      +14     
- Partials      638      639       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@caarlos0 caarlos0 merged commit de9ae24 into main Nov 27, 2025
19 of 21 checks passed
@caarlos0 caarlos0 deleted the hc-docker-buildx branch November 27, 2025 14:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Copilot code review Copilot Copilot left review comments

Assignees

@caarlos0 caarlos0

Labels

size/L Denotes a PR that changes 100-499 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add check for buildx to be installed

1 participant

@caarlos0