Skip to content

Minimization#376

Open
ndavidova wants to merge 5 commits into
masterfrom
minimization
Open

Minimization#376
ndavidova wants to merge 5 commits into
masterfrom
minimization

Conversation

@ndavidova

@ndavidova ndavidova commented Apr 20, 2026

Copy link
Copy Markdown
Contributor

This is an updated minimization PR that follows postgresql-container minimal pattern.

Summary by CodeRabbit

  • New Features

    • Added a new minimal Nginx 1.26 container image with OpenShift-friendly defaults, standard web ports, and support for Source-to-Image workflows.
    • Improved container startup behavior, including better log handling and support for running under random, non-root user IDs.
  • Documentation

    • Added and expanded usage guides for building, running, and troubleshooting the minimal image locally and in OpenShift.
    • Included examples for reverse-proxy usage, mounted content, and log output to volumes.

@coderabbitai

coderabbitai Bot commented Apr 20, 2026

Copy link
Copy Markdown

Review Change Stack

📝 Walkthrough

Walkthrough

Adds a new 1.26-minimal directory containing a complete minimal nginx 1.26 container image variant with two Dockerfiles (Dockerfile.rhel11 using UBI10-minimal and Dockerfile.c11s using CentOS Stream 10), a runtime filesystem overlay with nginx config sed scripts and nss_wrapper identity helpers, S2I assemble/run/usage lifecycle scripts, documentation, and a test harness built from symlinks to shared test infrastructure.

Changes

nginx 1.26 Minimal Image

Layer / File(s) Summary
Dockerfiles: image base, packages, permissions
1.26-minimal/Dockerfile.rhel11, 1.26-minimal/Dockerfile.c11s
Two Dockerfiles define the full image build for RHEL11 (ubi10-minimal) and CentOS Stream 10: port exposure, nginx version ENV/LABELs, microdnf install with version verification, filesystem overlay copy, sed-based nginx.conf rewrite, directory creation, chown/chmod for OpenShift rootless UID patterns, USER 1001, SIGQUIT stop signal, and S2I usage CMD.
Runtime config overlay: sed scripts, nss_wrapper, common.sh
1.26-minimal/root/opt/app-root/nginxconf.sed, 1.26-minimal/root/opt/app-root/nginxconf-rhscl.sed, 1.26-minimal/root/opt/app-root/etc/generate_container_user, 1.26-minimal/root/opt/app-root/etc/passwd.template, 1.26-minimal/root/usr/share/container-scripts/nginx/common.sh
Two sed scripts rewrite nginx.conf (listen port, user directive, config/webroot paths, error_page removal). generate_container_user uses envsubst and passwd.template to produce a passwd file at runtime and exports NSS_WRAPPER variables. common.sh defines get_matched_files and process_extending_files to source startup-extension shell scripts from default and custom directories.
S2I lifecycle scripts: assemble, run, usage
1.26-minimal/s2i/bin/assemble, 1.26-minimal/s2i/bin/run, 1.26-minimal/s2i/bin/usage
assemble copies /tmp/src and conditionally installs nginx.conf, nginx-cfg/*.conf, nginx-default-cfg/*.conf, nginx-start hooks, and nginx-perl/*.pm modules with g+rw permissions. run sources identity and helper scripts, calls process_extending_files, optionally symlinks nginx logs to stdout/stderr, and execs nginx -g "daemon off;". usage emits templated OpenShift and local docker run instructions.
Documentation
1.26-minimal/README.md, 1.26-minimal/root/README.md
Two README files added covering image availability, minimized variant features and limitations, OpenShift/S2I usage, Dockerfile build examples, direct volume-mount usage, NGINX_LOG_TO_VOLUME behavior, troubleshooting, and upstream references.
Test harness: symlinks and submodule references
1.26-minimal/test/*
All test files, library scripts, runners, YAML config, and fixture directories in 1.26-minimal/test/ are created as symlinks pointing to shared counterparts under ../../test/, ../../common/, and ../../examples/. Submodule commit pointers for perl-test-app and start-hook-test-app are set.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

pr/missing-review

Poem

🐇 A new image hops onto the scene,
With minimal layers, compact and lean!
sed scripts rewrite the nginx conf,
S2I scripts assemble and run with aplomb.
Symlinks abound in the test directory tree—
One rabbit's work, a whole variant free! 🎉

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name Status Explanation Resolution
Title check ❓ Inconclusive The title is related to the PR but too generic to describe the specific changes in the changeset. Use a more specific title such as "Add 1.26 minimal nginx container images and S2I docs".
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch minimization

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 YAMLlint (1.37.1)
1.26-minimal/test/test-openshift.yaml

[Errno 2] No such file or directory: '1.26-minimal/test/test-openshift.yaml'

🔧 Checkov (3.3.1)
1.26-minimal/test/test-openshift.yaml

2026-06-24 10:57:12,733 [MainThread ] [ERROR] Template file not found: 1.26-minimal/test/test-openshift.yaml
2026-06-24 10:57:12,737 [MainThread ] [ERROR] Template file not found: 1.26-minimal/test/test-openshift.yaml
2026-06-24 10:57:12,848 [MainThread ] [ERROR] Failed to invoke function /usr/local/lib/python3.11/dist-packages/checkov/common/runners/object_runner. with 1.26-minimal/test/test-openshift.yaml
Traceback (most recent call last):
File "/usr/local/lib/python3.11/dist-packages/checkov/common/parallelizer/parallel_runner.py", line 88, in func_wrapper
result = original_func(item)
^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/dist-packages/checkov/common/runners/object_runner.py", line 74, in
results = parallel_runner.run_function(lambda f: (f, self._parse_file(f)), files_to_load)
^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/dist-packages/checkov/openapi/runner

... [truncated 9105 characters] ...

directory: '1.26-minimal/test/test-openshift.yaml'
2026-06-24 10:57:12,951 [MainThread ] [ERROR] Exception traceback:
Traceback (most recent call last):
File "/usr/local/lib/python3.11/dist-packages/checkov/main.py", line 655, in run
self.scan_reports = runner_registry.run(
^^^^^^^^^^^^^^^^^^^^
File "/usr/local/lib/python3.11/dist-packages/checkov/common/runners/runner_registry.py", line 177, in run
for result in parallel_runner_results:
File "/usr/local/lib/python3.11/dist-packages/checkov/common/parallelizer/parallel_runner.py", line 118, in _run_function_multiprocess_fork
raise v.internal_exception.with_traceback(v.internal_exception.traceback)
FileNotFoundError: [Errno 2] No such file or directory: '1.26-minimal/test/test-openshift.yaml'


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions

github-actions Bot commented Apr 20, 2026

Copy link
Copy Markdown

Pull Request validation

Failed

🔴 Approval - missing or changes were requested

Success

🟢 CI - All checks have passed
🟢 Review - Reviewed by a member


Triggered by Workflow Run

@phracek phracek left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.exclude-rhel8 is not needed at all as we would like to have only C11S and RHEL11.

The rest is fine. Thanks. Do you have any results? How the image is minimized?

@phracek

phracek commented May 13, 2026

Copy link
Copy Markdown
Member

[test]

@phracek

phracek commented May 21, 2026

Copy link
Copy Markdown
Member

[test]

@ndavidova ndavidova marked this pull request as ready for review June 24, 2026 10:56

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 9

♻️ Duplicate comments (1)
1.26-minimal/Dockerfile.c11s (1)

22-23: 🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Same duplicate io.openshift.expose-services label as Dockerfile.rhel11.

The second declaration overrides the first, dropping 8080:http. Merge into io.openshift.expose-services="8080:http,8443:https".

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/Dockerfile.c11s` around lines 22 - 23, The Dockerfile has a
duplicated io.openshift.expose-services label declaration, which causes the
earlier service mapping to be overwritten. Update the metadata in the
Dockerfile.c11s label block so both ports are combined into a single
io.openshift.expose-services entry, matching the intended exposure for 8080:http
and 8443:https.
🧹 Nitpick comments (4)
1.26-minimal/root/opt/app-root/nginxconf-rhscl.sed (1)

1-10: 📐 Maintainability & Code Quality | 🔵 Trivial

Remove the duplicate nginxconf-rhscl.sed

1.26-minimal/Dockerfile.c11s and 1.26-minimal/Dockerfile.rhel11 both use nginxconf.sed; nginxconf-rhscl.sed has no references and duplicates the same rules. Dropping it would avoid drift.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/root/opt/app-root/nginxconf-rhscl.sed` around lines 1 - 10,
Remove the unused duplicate nginxconf-rhscl.sed script since the Dockerfile.c11s
and Dockerfile.rhel11 builds already reference nginxconf.sed and this file is
not referenced anywhere else. Delete the redundant nginxconf-rhscl.sed asset to
prevent config drift and keep the sed rules maintained in a single place.
1.26-minimal/s2i/bin/run (1)

11-14: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Prefer [[ ]] with && over -a inside [ ].

POSIX deprecates the binary -a operator inside [ ], and its parsing combined with the bash-only -v test is fragile. Since this is bash, use [[ ]]:

♻️ Proposed fix
-if [ ! -v NGINX_LOG_TO_VOLUME -a -v NGINX_LOG_PATH ]; then
+if [[ ! -v NGINX_LOG_TO_VOLUME && -v NGINX_LOG_PATH ]]; then
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/s2i/bin/run` around lines 11 - 14, Replace the conditional in
run so it uses bash [[ ]] with && instead of [ ] with -a, since the current
check mixes a deprecated operator with the bash-only -v test. Update the guard
around the NGINX_LOG_TO_VOLUME and NGINX_LOG_PATH checks in the run script,
keeping the symlink commands in the same block.
1.26-minimal/s2i/bin/assemble (1)

17-50: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Guard the ls glob checks consistently.

Lines 19, 28, and 45 run ls -A ./nginx-cfg/*.conf etc. without 2>/dev/null. When the directory exists but contains no matching *.conf/*.pm, the glob stays literal and ls prints a "No such file or directory" error to stderr (the nginx-start check on Line 37 already handles this with 2>/dev/null). Align these for clean output and consistent behavior.

♻️ Proposed fix
-  if [ "$(ls -A ./nginx-cfg/*.conf)" ]; then
+  if [ "$(ls -A ./nginx-cfg/*.conf 2>/dev/null)" ]; then

(apply the same 2>/dev/null to Lines 28 and 45)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/s2i/bin/assemble` around lines 17 - 50, The glob-based existence
checks in the assemble script are inconsistent: the `ls -A` tests in the nginx
config, default config, and perl module blocks can emit errors when no files
match. Update the `ls` checks in the `nginx-cfg`, `nginx-default-cfg`, and
`nginx-perl` sections of `assemble` to handle missing glob matches the same way
as the `nginx-start` block, using stderr suppression so the script stays quiet
and consistent.
1.26-minimal/root/usr/share/container-scripts/nginx/common.sh (1)

20-30: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Quote variable expansions to avoid word-splitting/globbing.

[ $filename ], $custom_dir/$filename, and $default_dir/$filename are unquoted. A filename containing spaces or shell metacharacters will break the test and the -f/source checks. Also note the #!/bin/sh shebang on Line 1 while the file relies on bash features (function, source, <<<); it works because run sources it under bash, but the shebang is misleading.

♻️ Proposed fix
   while read filename ; do
-    if [ $filename ]; then
+    if [ -n "$filename" ]; then
       echo "=> sourcing $filename ..."
       # Custom file is prefered
-      if [ -f $custom_dir/$filename ]; then
-        source $custom_dir/$filename
-      elif [ -f $default_dir/$filename ]; then 
-        source $default_dir/$filename
+      if [ -f "$custom_dir/$filename" ]; then
+        source "$custom_dir/$filename"
+      elif [ -f "$default_dir/$filename" ]; then
+        source "$default_dir/$filename"
       fi
     fi
   done <<<"$(get_matched_files "$custom_dir" "$default_dir" '*.sh' | sort -u)"
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/root/usr/share/container-scripts/nginx/common.sh` around lines
20 - 30, The shell logic in common.sh uses unquoted expansions in the read loop,
so update the checks and file sourcing in the loop around read/get_matched_files
to quote filename, custom_dir, and default_dir references to prevent
word-splitting and globbing. Also review the shebang and bash-specific usage in
this script so the header matches the fact that it relies on bash features like
source and here-strings, or otherwise make the script consistently
POSIX-compliant.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@1.26-minimal/Dockerfile.rhel11`:
- Around line 22-23: The Dockerfile RHEL11 image metadata has a duplicate
io.openshift.expose-services label, so the later 8443:https entry overrides the
earlier 8080:http mapping. Update the LABEL block in Dockerfile.rhel11 to use a
single io.openshift.expose-services value that includes both HTTP and HTTPS
ports, preserving both mappings in the final image.
- Around line 51-52: The COPY instructions in the Dockerfile are still pulling
overlay files from the base NGINX version path instead of the minimal variant.
Update the two COPY statements in the Dockerfile build stage so they source the
local minimal overlay directories under the 1.26-minimal variant (the root
overlay and s2i/bin scripts), using the existing COPY setup around the
Dockerfile’s root and STI_SCRIPTS_PATH references.

In `@1.26-minimal/README.md`:
- Around line 1-19: Update the 1.26-minimal README so it matches the
minimal/UBI10 image variant: replace any references to the standard
ubi9/nginx-126 base image with the minimal UBI10/CentOS Stream 10 image names
used by this variant, and add a short note near the introduction explaining that
this directory/documentation is for the minimized image build. Keep the rest of
the usage guidance aligned with the minimal image naming and build/pull
instructions so readers are not pointed at the wrong base image.
- Around line 197-205: The README See also section contains template text and
outdated Dockerfile references. Update the prose in the README’s “See also”
block to refer to the nginx container image instead of “Python environment,” and
correct the variant list so it matches the Dockerfiles actually present for this
image by replacing the stale names with the current ones used in the
1.26-minimal tree, including Dockerfile.rhel11 and Dockerfile.c11s. Use the
README section itself as the target and keep the repository reference aligned
with the nginx-container source.

In `@1.26-minimal/root/README.md`:
- Line 53: The README still refers to the older ubi9/nginx-126 image in a
UBI10-based variant, so update the documented image coordinates to the correct
UBI10 equivalents throughout the affected examples. Fix the stale references in
the README sections that mention the image name and registry path, using the
existing nginx-126 and registry.access.redhat.com references as the targets to
replace.
- Around line 23-44: The minimized-variant README section is inconsistent with
the actual Dockerfile.rhel11 build, so update the description to match the real
single-stage FROM ubi10-minimal:latest setup and its microdnf-based package
installation. Align the listed packages and runtime capabilities with what
Dockerfile.rhel11 actually installs and ships, and remove or revise claims like
the scratch multi-stage build, no package manager, 72% smaller/81 MB figures,
and Perl exclusion if they are not true. Use the README section heading and the
Dockerfile.rhel11 build details as the source of truth when rewriting this
subsection.
- Around line 229-232: The “See also” text in README is stale and refers to the
wrong image type plus nonexistent Dockerfiles. Update the repository note in the
README section to match this nginx image and replace the listed Dockerfile
references with the actual variants present in this directory, using the
existing README wording style and the repository’s current Dockerfile names.

In `@1.26-minimal/test/perl-test-app`:
- Line 1: Add an entry for the gitlink `1.26-minimal/test/perl-test-app` in
`.gitmodules` so it is recognized as a submodule alongside `common`; update the
submodule configuration for `test/perl-test-app` to match the existing submodule
naming/style so `git submodule update --init` can populate it in a fresh
checkout.

In `@1.26-minimal/test/start-hook-test-app`:
- Line 1: The `1.26-minimal/test/start-hook-test-app` path is currently a
gitlink without a matching `.gitmodules` entry, so `git submodule update --init`
cannot resolve it. Update the repository metadata by adding the submodule
registration for this path in `.gitmodules` using the existing submodule setup
patterns (for example, alongside `common`), or change the fixture back to
regular tracked files if it should not be a submodule.

---

Duplicate comments:
In `@1.26-minimal/Dockerfile.c11s`:
- Around line 22-23: The Dockerfile has a duplicated
io.openshift.expose-services label declaration, which causes the earlier service
mapping to be overwritten. Update the metadata in the Dockerfile.c11s label
block so both ports are combined into a single io.openshift.expose-services
entry, matching the intended exposure for 8080:http and 8443:https.

---

Nitpick comments:
In `@1.26-minimal/root/opt/app-root/nginxconf-rhscl.sed`:
- Around line 1-10: Remove the unused duplicate nginxconf-rhscl.sed script since
the Dockerfile.c11s and Dockerfile.rhel11 builds already reference nginxconf.sed
and this file is not referenced anywhere else. Delete the redundant
nginxconf-rhscl.sed asset to prevent config drift and keep the sed rules
maintained in a single place.

In `@1.26-minimal/root/usr/share/container-scripts/nginx/common.sh`:
- Around line 20-30: The shell logic in common.sh uses unquoted expansions in
the read loop, so update the checks and file sourcing in the loop around
read/get_matched_files to quote filename, custom_dir, and default_dir references
to prevent word-splitting and globbing. Also review the shebang and
bash-specific usage in this script so the header matches the fact that it relies
on bash features like source and here-strings, or otherwise make the script
consistently POSIX-compliant.

In `@1.26-minimal/s2i/bin/assemble`:
- Around line 17-50: The glob-based existence checks in the assemble script are
inconsistent: the `ls -A` tests in the nginx config, default config, and perl
module blocks can emit errors when no files match. Update the `ls` checks in the
`nginx-cfg`, `nginx-default-cfg`, and `nginx-perl` sections of `assemble` to
handle missing glob matches the same way as the `nginx-start` block, using
stderr suppression so the script stays quiet and consistent.

In `@1.26-minimal/s2i/bin/run`:
- Around line 11-14: Replace the conditional in run so it uses bash [[ ]] with
&& instead of [ ] with -a, since the current check mixes a deprecated operator
with the bash-only -v test. Update the guard around the NGINX_LOG_TO_VOLUME and
NGINX_LOG_PATH checks in the run script, keeping the symlink commands in the
same block.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d832ecda-d2a5-40b2-a462-50ab932eba6f

📥 Commits

Reviewing files that changed from the base of the PR and between f6fc0ab and 58e1e62.

📒 Files selected for processing (38)
  • 1.26-minimal/.exclude-rhel8
  • 1.26-minimal/Dockerfile.c11s
  • 1.26-minimal/Dockerfile.rhel11
  • 1.26-minimal/README.md
  • 1.26-minimal/root/README.md
  • 1.26-minimal/root/opt/app-root/etc/generate_container_user
  • 1.26-minimal/root/opt/app-root/etc/passwd.template
  • 1.26-minimal/root/opt/app-root/nginxconf-rhscl.sed
  • 1.26-minimal/root/opt/app-root/nginxconf.sed
  • 1.26-minimal/root/usr/share/container-scripts/nginx/common.sh
  • 1.26-minimal/s2i/bin/assemble
  • 1.26-minimal/s2i/bin/run
  • 1.26-minimal/s2i/bin/usage
  • 1.26-minimal/test/__init__.py
  • 1.26-minimal/test/conftest.py
  • 1.26-minimal/test/examples
  • 1.26-minimal/test/imagestreams
  • 1.26-minimal/test/perl-test-app
  • 1.26-minimal/test/run
  • 1.26-minimal/test/run-openshift-remote-cluster
  • 1.26-minimal/test/run-pytest
  • 1.26-minimal/test/start-hook-test-app
  • 1.26-minimal/test/test-app
  • 1.26-minimal/test/test-lib-nginx.sh
  • 1.26-minimal/test/test-lib-openshift.sh
  • 1.26-minimal/test/test-lib-remote-openshift.sh
  • 1.26-minimal/test/test-lib.sh
  • 1.26-minimal/test/test-openshift.yaml
  • 1.26-minimal/test/test_container_application.py
  • 1.26-minimal/test/test_container_basics.py
  • 1.26-minimal/test/test_container_example_apps.py
  • 1.26-minimal/test/test_ocp_imagestream_s2i.py
  • 1.26-minimal/test/test_ocp_imagestreams.py
  • 1.26-minimal/test/test_ocp_local_example.py
  • 1.26-minimal/test/test_ocp_remote_example.py
  • 1.26-minimal/test/test_ocp_shared_helm_imagestreams.py
  • 1.26-minimal/test/test_ocp_shared_helm_template.py
  • 1.26-minimal/test/test_ocp_template_example_app.py

Comment on lines +22 to +23
io.openshift.expose-services="8080:http" \
io.openshift.expose-services="8443:https" \

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | ⚡ Quick win

Duplicate io.openshift.expose-services label drops the HTTP mapping.

LABEL keys must be unique; the second declaration overrides the first, so the final image only advertises 8443:https and loses 8080:http. Combine both ports into a single value.

🐛 Proposed fix
-      io.openshift.expose-services="8080:http" \
-      io.openshift.expose-services="8443:https" \
+      io.openshift.expose-services="8080:http,8443:https" \
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
io.openshift.expose-services="8080:http" \
io.openshift.expose-services="8443:https" \
io.openshift.expose-services="8080:http,8443:https" \
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/Dockerfile.rhel11` around lines 22 - 23, The Dockerfile RHEL11
image metadata has a duplicate io.openshift.expose-services label, so the later
8443:https entry overrides the earlier 8080:http mapping. Update the LABEL block
in Dockerfile.rhel11 to use a single io.openshift.expose-services value that
includes both HTTP and HTTPS ports, preserving both mappings in the final image.

Comment on lines +51 to +52
COPY $NGINX_VERSION/root /
COPY $NGINX_VERSION/s2i/bin/ $STI_SCRIPTS_PATH

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🗄️ Data Integrity & Integration | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
fd -t d 'root$' -p '1.26*'
fd -a 'Makefile' -d 2
rg -n 'NGINX_VERSION|VERSIONS|context|COPY .*root' Makefile 2>/dev/null

Repository: sclorg/nginx-container

Length of output: 325


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== top-level files/dirs around 1.26 =="
fd -a -t d '^(1\.26|1\.26-minimal)$' .

echo
echo "== Dockerfile snippets =="
for f in 1.26-minimal/Dockerfile.rhel11 1.26/Dockerfile.rhel11; do
  if [ -f "$f" ]; then
    echo "-- $f --"
    nl -ba "$f" | sed -n '1,140p'
  fi
done

echo
echo "== make/build context references =="
rg -n '^(VERSIONS|.*context|.*docker build|.*buildx|.*dockerfile|.*1\.26|minimal)' /home/jailuser/git/Makefile 2>/dev/null || true

echo
echo "== files under version dirs matching root or s2i/bin =="
find 1.26 1.26-minimal -maxdepth 3 \( -path '*/root' -o -path '*/s2i/bin' -o -path '*/s2i/bin/*' \) -print 2>/dev/null | sort

Repository: sclorg/nginx-container

Length of output: 396


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== inspect repository tree relevant to 1.26 variants =="
find . -maxdepth 2 \( -type d -o -type f \) | sed 's#^\./##' | sort | rg '^(1\.26|1\.26-minimal)(/|$)|(^|/)Makefile$|(^|/)Dockerfile\.rhel11$'

Repository: sclorg/nginx-container

Length of output: 602


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== 1.26-minimal/Dockerfile.rhel11 =="
sed -n '1,120p' 1.26-minimal/Dockerfile.rhel11

echo
echo "== 1.26-minimal/Dockerfile.c11s =="
sed -n '1,120p' 1.26-minimal/Dockerfile.c11s

echo
echo "== Makefile build rules mentioning 1.26-minimal or Dockerfile.rhel11 =="
rg -n -C 2 '1\.26-minimal|Dockerfile\.rhel11|docker build|buildx|context|root /|s2i/bin' Makefile

Repository: sclorg/nginx-container

Length of output: 8429


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== minimal variant references across repo =="
rg -n -C 2 '1\.26-minimal|Dockerfile\.rhel11|COPY .*root|COPY .*s2i/bin|STI_SCRIPTS_PATH|NGINX_VERSION' 1.26-minimal 1.26 Makefile

Repository: sclorg/nginx-container

Length of output: 21686


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== 1.26-minimal/Dockerfile.rhel11 =="
sed -n '1,120p' 1.26-minimal/Dockerfile.rhel11

echo
echo "== 1.26-minimal/Dockerfile.c11s =="
sed -n '1,120p' 1.26-minimal/Dockerfile.c11s

echo
echo "== Makefile snippets for 1.26-minimal build context =="
rg -n -C 3 '1\.26-minimal|Dockerfile\.rhel11|docker build|buildx|context' Makefile

Repository: sclorg/nginx-container

Length of output: 8412


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== line-numbered excerpt from 1.26-minimal/Dockerfile.rhel11 =="
python3 - <<'PY'
from pathlib import Path
p = Path("1.26-minimal/Dockerfile.rhel11")
for i, line in enumerate(p.read_text().splitlines(), 1):
    if 1 <= i <= 120:
        print(f"{i:4d}: {line}")
PY

Repository: sclorg/nginx-container

Length of output: 4828


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Makefile around version/build rules =="
python3 - <<'PY'
from pathlib import Path
p = Path("Makefile")
for i, line in enumerate(p.read_text().splitlines(), 1):
    if 1 <= i <= 220:
        print(f"{i:4d}: {line}")
PY

Repository: sclorg/nginx-container

Length of output: 672


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== build tooling references to DOCKER_BUILD_CONTEXT =="
rg -n -C 3 'DOCKER_BUILD_CONTEXT|docker build|context-dir|Dockerfile\.rhel11|1\.26-minimal' common Makefile .github 2>/dev/null || true

echo
echo "== minimal README hints =="
sed -n '1,120p' 1.26-minimal/README.md

Repository: sclorg/nginx-container

Length of output: 6157


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== common/build.sh excerpt =="
if [ -f common/build.sh ]; then
  python3 - <<'PY'
from pathlib import Path
p = Path("common/build.sh")
for i, line in enumerate(p.read_text().splitlines(), 1):
    if 1 <= i <= 240:
        print(f"{i:4d}: {line}")
PY
fi

echo
echo "== common/common.mk excerpt =="
if [ -f common/common.mk ]; then
  python3 - <<'PY'
from pathlib import Path
p = Path("common/common.mk")
for i, line in enumerate(p.read_text().splitlines(), 1):
    if 1 <= i <= 260:
        print(f"{i:4d}: {line}")
PY
fi

Repository: sclorg/nginx-container

Length of output: 222


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== tree comparison: 1.26 vs 1.26-minimal =="
for d in root s2i/bin; do
  echo "-- $d --"
  echo "1.26/$d:"
  find "1.26/$d" -maxdepth 3 -type f | sort | sed 's#^#  #'
  echo "1.26-minimal/$d:"
  find "1.26-minimal/$d" -maxdepth 3 -type f | sort | sed 's#^#  #'
done

echo
echo "== build entrypoints mentioning Dockerfile.rhel11 or minimal =="
rg -n -C 2 'Dockerfile\.rhel11|1\.26-minimal|minimal' . --glob '!*README.md' --glob '!**/README.md' 2>/dev/null || true

Repository: sclorg/nginx-container

Length of output: 5701


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== root Makefile around build targets =="
python3 - <<'PY'
from pathlib import Path
p = Path("Makefile")
lines = p.read_text().splitlines()
for i, line in enumerate(lines, 1):
    if 1 <= i <= 220:
        print(f"{i:4d}: {line}")
PY

echo
echo "== search for DOCKER_BUILD_CONTEXT usage =="
rg -n -C 3 'DOCKER_BUILD_CONTEXT|docker build|buildx|Dockerfile\.rhel11|1\.26-minimal' . 2>/dev/null | sed -n '1,220p'

Repository: sclorg/nginx-container

Length of output: 1715


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== versioned directories under repo root =="
find . -maxdepth 2 -type d \( -name '1.26' -o -name '1.26-minimal' -o -name 'common' \) | sort

echo
echo "== any Makefile in subdirs =="
find . -maxdepth 2 -name 'Makefile' -o -name 'makefile' | sort

Repository: sclorg/nginx-container

Length of output: 293


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== Makefile (full, if small enough) =="
wc -l Makefile
sed -n '1,260p' Makefile

echo
echo "== files referencing DOCKER_BUILD_CONTEXT or versioned Dockerfiles =="
rg -n -C 2 'DOCKER_BUILD_CONTEXT|Dockerfile\.rhel11|1\.26-minimal|docker build|build:' . 2>/dev/null

Repository: sclorg/nginx-container

Length of output: 1806


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== repository files at shallow depth =="
find . -maxdepth 2 \( -type f -o -type d \) | sed 's#^\./##' | sort | sed -n '1,240p'

Repository: sclorg/nginx-container

Length of output: 2345


Copy the minimal overlay locally in 1.26-minimal/Dockerfile.rhel11:51-52. 1.26-minimal/ has its own root/ and s2i/bin/, so these paths should come from the minimal variant instead of resolving through NGINX_VERSION.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/Dockerfile.rhel11` around lines 51 - 52, The COPY instructions
in the Dockerfile are still pulling overlay files from the base NGINX version
path instead of the minimal variant. Update the two COPY statements in the
Dockerfile build stage so they source the local minimal overlay directories
under the 1.26-minimal variant (the root overlay and s2i/bin scripts), using the
existing COPY setup around the Dockerfile’s root and STI_SCRIPTS_PATH
references.

Comment thread 1.26-minimal/README.md
Comment on lines +1 to +19
Nginx 1.26 server and a reverse proxy server container image
============================================================
This container image includes Nginx 1.26 server and a reverse server for OpenShift and general usage.
Users can choose between RHEL, CentOS Stream and Fedora based images.
The RHEL images are available in the [Red Hat Container Catalog](https://access.redhat.com/containers/),
the CentOS Stream images are available in the [Quay.io](https://quay.io/organization/sclorg),
and the Fedora images are available in the [Quay.io](https://quay.io/organization/fedora).
The resulting image can be run using [podman](https://github.com/containers/libpod).

Note: while the examples in this README are calling `podman`, you can replace any such calls by `docker` with the same arguments.


Description
-----------

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP
protocols, with a strong focus on high concurrency, performance and low memory usage. The container
image provides a containerized packaging of the nginx 1.26 daemon. The image can be used
as a base image for other applications based on nginx 1.26 web server.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

README does not reflect the minimal / UBI10 variant.

This README lives under 1.26-minimal/ and the Dockerfiles are based on ubi10-minimal (RHEL11) and CentOS Stream 10, yet the document references ubi9/nginx-126 (Lines 25, 86, 110, 125, 168) and never mentions that this is the minimized image variant. Readers pulling/building from these instructions will reference the wrong base image. Please align the base-image references and add a short note describing the minimal variant.

Also applies to: 25-25

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/README.md` around lines 1 - 19, Update the 1.26-minimal README
so it matches the minimal/UBI10 image variant: replace any references to the
standard ubi9/nginx-126 base image with the minimal UBI10/CentOS Stream 10 image
names used by this variant, and add a short note near the introduction
explaining that this directory/documentation is for the minimized image build.
Keep the rest of the usage guidance aligned with the minimal image naming and
build/pull instructions so readers are not pointed at the wrong base image.

Comment thread 1.26-minimal/README.md
Comment on lines +197 to +205
See also
--------
Dockerfile and other sources for this container image are available on
https://github.com/sclorg/nginx-container.
In that repository you also can find another versions of Python environment Dockerfiles.
for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for RHEL10 is called `Dockerfile.rhel10`,
Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`,
Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

See also section has template copy-paste errors and stale Dockerfile names.

Two problems here:

  • Line 201 says "another versions of Python environment Dockerfiles" — leftover from the template; this is the nginx repository.
  • Lines 202-204 enumerate Dockerfile.rhel8, Dockerfile.rhel10, Dockerfile.c9s, Dockerfile.c10s, and Dockerfile.fedora, but this 1.26-minimal directory actually ships Dockerfile.rhel11 and Dockerfile.c11s. The list is inaccurate for this variant.
📝 Proposed fix
-In that repository you also can find another versions of Python environment Dockerfiles.
-for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for RHEL10 is called `Dockerfile.rhel10`,
-Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`,
-Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`.
+In that repository you also can find other versions of nginx Dockerfiles.
+For this minimal variant, the RHEL Dockerfile is called `Dockerfile.rhel11`
+and the CentOS Stream 10 Dockerfile is called `Dockerfile.c11s`.
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
See also
--------
Dockerfile and other sources for this container image are available on
https://github.com/sclorg/nginx-container.
In that repository you also can find another versions of Python environment Dockerfiles.
for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for RHEL10 is called `Dockerfile.rhel10`,
Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`,
Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`.
See also
--------
Dockerfile and other sources for this container image are available on
https://github.com/sclorg/nginx-container.
In that repository you also can find other versions of nginx Dockerfiles.
For this minimal variant, the RHEL Dockerfile is called `Dockerfile.rhel11`
and the CentOS Stream 10 Dockerfile is called `Dockerfile.c11s`.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/README.md` around lines 197 - 205, The README See also section
contains template text and outdated Dockerfile references. Update the prose in
the README’s “See also” block to refer to the nginx container image instead of
“Python environment,” and correct the variant list so it matches the Dockerfiles
actually present for this image by replacing the stale names with the current
ones used in the 1.26-minimal tree, including Dockerfile.rhel11 and
Dockerfile.c11s. Use the README section itself as the target and keep the
repository reference aligned with the nginx-container source.

Comment on lines +23 to +44
Minimized Variant (Dockerfile.rhel11)
--------------------------------------

A **minimized variant** is available via `Dockerfile.rhel11` that provides significant size reduction:

**Key Features:**
- **72% smaller image size** (81 MB vs 297 MB for standard variant)
- Built using multi-stage build: `ubi10/ubi → scratch` (not s2i-core)
- No package manager in final image (dnf/yum absent for enhanced security)
- Minimal package set: coreutils-single, glibc-minimal-langpack, nginx-core
- Same S2I functionality as standard builds
- Ideal for production, edge, and IoT deployments

**Limitations:**
- No package manager available for runtime package installation
- Perl modules excluded (minimization priority)
- Limited extensibility compared to standard variant

**Build the minimized variant:**
```bash
make build TARGET=rhel11 VERSIONS=1.26
```

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Minimized-variant description does not match Dockerfile.rhel11.

This section claims a multi-stage ubi10/ubi → scratch build with no package manager and packages coreutils-single, glibc-minimal-langpack, nginx-core. The actual Dockerfile.rhel11 is a single-stage FROM ubi10-minimal:latest that installs nginx nss_wrapper-libs gettext hostname findutils tar via microdnf (so microdnf is present). The "72% smaller / 81 MB vs 297 MB" and "Perl modules excluded" claims (assemble still installs nginx-perl/*.pm) also look copied from another project. Please reconcile the docs with the real build.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/root/README.md` around lines 23 - 44, The minimized-variant
README section is inconsistent with the actual Dockerfile.rhel11 build, so
update the description to match the real single-stage FROM ubi10-minimal:latest
setup and its microdnf-based package installation. Align the listed packages and
runtime capabilities with what Dockerfile.rhel11 actually installs and ships,
and remove or revise claims like the scratch multi-stage build, no package
manager, 72% smaller/81 MB figures, and Perl exclusion if they are not true. Use
the README section heading and the Dockerfile.rhel11 build details as the source
of truth when rewriting this subsection.


Usage in OpenShift
------------------
In this example, we assume that you are using the `ubi9/nginx-126` image, available through the `nginx:1.26` imagestream tag in Openshift.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Stale ubi9/nginx-126 references in a UBI10-based image.

This variant is built on ubi10-minimal, but the docs repeatedly reference ubi9/nginx-126 and registry.access.redhat.com/ubi9/nginx-126. Update these to the correct UBI10 image coordinates.

Also applies to: 114-114, 138-138, 153-153, 196-196

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/root/README.md` at line 53, The README still refers to the older
ubi9/nginx-126 image in a UBI10-based variant, so update the documented image
coordinates to the correct UBI10 equivalents throughout the affected examples.
Fix the stale references in the README sections that mention the image name and
registry path, using the existing nginx-126 and registry.access.redhat.com
references as the targets to replace.

Comment on lines +229 to +232
In that repository you also can find another versions of Python environment Dockerfiles.
for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for RHEL10 is called `Dockerfile.rhel10`,
Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`,
Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Copy-paste leftovers in "See also".

Line 229 references "Python environment Dockerfiles" (this is an nginx image), and lines 230-232 list Dockerfile.rhel8/rhel10/c9s/c10s/fedora which don't exist in this 1.26-minimal/ directory (only Dockerfile.rhel11 and Dockerfile.c11s). Please correct.

✏️ Suggested fix
-In that repository you also can find another versions of Python environment Dockerfiles.
-for RHEL8 it's `Dockerfile.rhel8`, Dockerfile for RHEL10 is called `Dockerfile.rhel10`,
-Dockerfile for CentOS Stream 9 is called `Dockerfile.c9s`,
-Dockerfile for CentOS Stream 10 is called `Dockerfile.c10s`, and the Fedora Dockerfile is called `Dockerfile.fedora`.
+In that repository you also can find other versions of nginx Dockerfiles.
+The RHEL Dockerfile is called `Dockerfile.rhel11` and the CentOS Stream 10 Dockerfile is called `Dockerfile.c11s`.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/root/README.md` around lines 229 - 232, The “See also” text in
README is stale and refers to the wrong image type plus nonexistent Dockerfiles.
Update the repository note in the README section to match this nginx image and
replace the listed Dockerfile references with the actual variants present in
this directory, using the existing README wording style and the repository’s
current Dockerfile names.

@@ -0,0 +1 @@
Subproject commit 5dde0bc71e6ecb91ff2ef84cc2750e22d416e894

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Confirm the submodule path is registered and compare pinned commits across variants.
echo "=== .gitmodules entries for perl-test-app ==="
git config -f .gitmodules --get-regexp 'submodule\..*perl-test-app.*' || echo "NOT REGISTERED"

echo "=== gitlink commits per variant ==="
git ls-files -s | rg 'perl-test-app$' || echo "no gitlinks found"

Repository: sclorg/nginx-container

Length of output: 339


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== files named .gitmodules ==="
git ls-files .gitmodules || true

echo
echo "=== .gitmodules content (if present) ==="
if git ls-files .gitmodules | grep -q .; then
  cat -n .gitmodules
else
  echo "(no tracked .gitmodules file)"
fi

echo
echo "=== all perl-test-app gitlinks ==="
git ls-files -s | awk '$1 == "160000" && $4 ~ /perl-test-app$/ {print}'

Repository: sclorg/nginx-container

Length of output: 483


Register 1.26-minimal/test/perl-test-app in .gitmodules. This path is a gitlink, but .gitmodules only defines common, so git submodule update --init will not populate test/perl-test-app in a fresh checkout and the example-app Perl tests will break.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/test/perl-test-app` at line 1, Add an entry for the gitlink
`1.26-minimal/test/perl-test-app` in `.gitmodules` so it is recognized as a
submodule alongside `common`; update the submodule configuration for
`test/perl-test-app` to match the existing submodule naming/style so `git
submodule update --init` can populate it in a fresh checkout.

@@ -0,0 +1 @@
Subproject commit 3dce4cb0937c5dd1e64a3494894a6cd4ca90a376

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify .gitmodules registration for the new submodule path
cat .gitmodules 2>/dev/null | grep -nA3 'start-hook-test-app'

# Show all gitlink pointers for start-hook-test-app across variant dirs to confirm SHA consistency
fd -t f -H 'start-hook-test-app' --exec sh -c 'echo "== $1 =="; cat "$1"' _ {}

# Check ls-tree gitlink mode (160000) for the changed path
git ls-tree HEAD 1.26-minimal/test/ | grep 'start-hook-test-app'

Repository: sclorg/nginx-container

Length of output: 253


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== .gitmodules entries =="
if [ -f .gitmodules ]; then
  cat -n .gitmodules | sed -n '1,220p'
else
  echo "no .gitmodules file"
fi

echo
echo "== path registration search =="
rg -n "start-hook-test-app|1\.26-minimal/test/start-hook-test-app" .gitmodules .gitmodules 2>/dev/null || true

echo
echo "== tree entries around the path =="
git ls-tree HEAD 1.26-minimal/test | sed -n '1,120p'

echo
echo "== sibling variant pointers =="
git ls-tree HEAD test 2>/dev/null | sed -n '1,120p' || true
git ls-tree HEAD 1.25-minimal/test 2>/dev/null | sed -n '1,120p' || true
git ls-tree HEAD 1.26-full/test 2>/dev/null | sed -n '1,120p' || true

Repository: sclorg/nginx-container

Length of output: 534


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== find any .gitmodules-like files =="
git ls-files | rg '(^|/)\.gitmodules$|start-hook-test-app' || true

echo
echo "== inspect file type at path if present in index =="
git ls-tree -r HEAD | rg 'start-hook-test-app|\.gitmodules' || true

Repository: sclorg/nginx-container

Length of output: 2795


Add the missing submodule registration for 1.26-minimal/test/start-hook-test-app
1.26-minimal/test/start-hook-test-app is a gitlink, but .gitmodules only defines common. Add the submodule entry for this path, or convert it back to regular files, so git submodule update --init can resolve the fixture.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@1.26-minimal/test/start-hook-test-app` at line 1, The
`1.26-minimal/test/start-hook-test-app` path is currently a gitlink without a
matching `.gitmodules` entry, so `git submodule update --init` cannot resolve
it. Update the repository metadata by adding the submodule registration for this
path in `.gitmodules` using the existing submodule setup patterns (for example,
alongside `common`), or change the fixture back to regular tracked files if it
should not be a submodule.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants