Skip to content

chore(docs): Add some more convenience and update local setup#879

Merged
8R0WNI3 merged 3 commits into
open-component-model:masterfrom
8R0WNI3:local-setup
Jul 7, 2026
Merged

chore(docs): Add some more convenience and update local setup#879
8R0WNI3 merged 3 commits into
open-component-model:masterfrom
8R0WNI3:local-setup

Conversation

@8R0WNI3

@8R0WNI3 8R0WNI3 commented Jul 5, 2026

Copy link
Copy Markdown
Member

What this PR does / why we need it:

Which issue(s) this PR fixes:
Fixes #

Special notes for your reviewer:

Release note:


Signed-off-by: Jonas Brand (8R0WNI3) <jonasbrand1712@gmail.com>
@8R0WNI3 8R0WNI3 self-assigned this Jul 5, 2026
@8R0WNI3 8R0WNI3 requested a review from a team as a code owner July 5, 2026 16:12
@8R0WNI3 8R0WNI3 added kind/chore chore, maintenance, etc. area/ipcei Important Project of Common European Interest labels Jul 5, 2026
@github-project-automation github-project-automation Bot moved this to 🔦 Needs Triage in Open Delivery Gear Jul 5, 2026
@8R0WNI3 8R0WNI3 moved this from 🔦 Needs Triage to 🔍 Review in Open Delivery Gear Jul 5, 2026
@coderabbitai

coderabbitai Bot commented Jul 5, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3c77d06a-9f10-4ced-a095-cba4408f6bbb

📥 Commits

Reviewing files that changed from the base of the PR and between b322cc0 and 992eeda.

📒 Files selected for processing (1)
  • Makefile
🚧 Files skipped from review as they are similar to previous changes (1)
  • Makefile

📝 Walkthrough

Walkthrough

Renames component identifiers across feature, extension, bootstrapping, and profile YAML configs. Adds a run-db Makefile target for a local Postgres container and extends setup to generate an RSA-based local signing config.

Changes

Component rename across config

Layer / File(s) Summary
Core feature and profile config updates
src/features/features_cfg.yaml, src/odg/profiles.yaml
Updates the special component id, name, and type (OCM → ODG), and the default profile's referenced component UUID.
Extensions config component references
src/odg/extensions_cfg.yaml
Updates component_name in artefact_enumerator, cache_manager, findings_report, and sla_violation_profiler sections.
Bootstrapping chart values updates
charts/bootstrapping/values.example.yaml, charts/bootstrapping/values.minimal.yaml
Updates component_name and specialComponents entries to the new identifier and UUID.

Local development tooling

Layer / File(s) Summary
Makefile run-db target
Makefile
Adds run-db phony target, help text, and target logic to start a Postgres 16 Docker container with configured credentials and port mapping.
Setup-generated signing configuration
Makefile
Extends setup to generate an RSA key pair and write src/secrets/signing-cfg/local.yaml with an id, RS256 algorithm, and private/public key blocks.

Estimated code review effort: 2 (Simple) | ~12 minutes

Possibly related PRs

Poem

A rabbit hops through YAML fields,
renaming gears with gentle yields,
"open-delivery" now the name,
postgres hums, the setup's tame.
Keys are forged in RSA light —
hop hop, all config feels just right! 🐇

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description only contains the template placeholders and no actual PR details, issue number, special notes, or release note. Fill in each template section with a real summary, linked issue number or remove the placeholder, reviewer notes if needed, and a completed release note block.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title is broad and slightly vague, but it still matches the main local setup and convenience changes.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gitguardian

gitguardian Bot commented Jul 5, 2026

Copy link
Copy Markdown

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
While these secrets were previously flagged, we no longer have a reference to the
specific commits where they were detected. Once a secret has been leaked into a git
repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Around line 98-107: The run-db target is missing the POSTGRES_DB setting, so
it can create a database name that drifts from the run target’s DB_NAME. Update
the run-db recipe to pass POSTGRES_DB using DB_NAME alongside the existing
POSTGRES_USER and POSTGRES_PASSWORD in the docker run command. Also address the
container name conflict in the run-db target by making repeated runs safe with
either --rm or a different lifecycle strategy, and keep the recipe formatting
consistent with the surrounding Makefile target.

In `@src/secrets/signing-cfg/local.yaml`:
- Around line 5-56: The local signing config currently embeds a real RSA private
key, which triggers secret scanning and blocks CI. Update the signing-cfg setup
around the local YAML and the jwt_from_signing_cfg-compatible key fields so no
committed private key remains in the repo: either replace the embedded key with
a generated-at-setup value or add a narrowly scoped secret-scanner
allowlist/ignore for this file with clear local-only justification. Keep the
existing algorithm/id/private_key/public_key shape intact so the loader still
works.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 66cdf06b-92b8-4b9d-8be8-97240d072fc1

📥 Commits

Reviewing files that changed from the base of the PR and between e650ac2 and 1ffa247.

📒 Files selected for processing (7)
  • Makefile
  • charts/bootstrapping/values.example.yaml
  • charts/bootstrapping/values.minimal.yaml
  • src/features/features_cfg.yaml
  • src/odg/extensions_cfg.yaml
  • src/odg/profiles.yaml
  • src/secrets/signing-cfg/local.yaml

Comment thread Makefile
Comment thread src/secrets/signing-cfg/local.yaml Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Line 105: The docker run argument for POSTGRES_DB is missing its closing
quote, which causes the shell to merge it with the next option and break the
command. Fix the Makefile’s docker invocation by closing the quoted POSTGRES_DB
value in the same place it is opened, keeping the subsequent port mapping and
other flags separate; use the docker run block around POSTGRES_DB and the
related -p option to verify the quoting is balanced.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 1a7cea49-53fc-4460-827a-28fe1e18a85a

📥 Commits

Reviewing files that changed from the base of the PR and between 1ffa247 and 9dcf4e0.

📒 Files selected for processing (2)
  • Makefile
  • src/secrets/signing-cfg/local.yaml

Comment thread Makefile Outdated
Signed-off-by: Jonas Brand (8R0WNI3) <jonasbrand1712@gmail.com>
@8R0WNI3 8R0WNI3 force-pushed the local-setup branch 2 times, most recently from 169d77c to a77b60c Compare July 6, 2026 11:46

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.gitguardian.yaml:
- Around line 1-5: The GitGuardian ignore entry is masking a committed private
key instead of removing it. Update the handling around .gitguardian.yaml and
src/secrets/signing-cfg/local.yaml so no real PEM key material is committed;
replace it with a placeholder or a setup-time generator script (as suggested by
the signing-cfg flow and values.documentation.yaml), and remove the ignore rule.
If this key was already pushed, regenerate and rotate it.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: f4bf4e24-5717-491b-912d-a1ccaeeb74a0

📥 Commits

Reviewing files that changed from the base of the PR and between 9dcf4e0 and a77b60c.

📒 Files selected for processing (3)
  • .gitguardian.yaml
  • Makefile
  • src/secrets/signing-cfg/local.yaml

Comment thread .gitguardian.yaml Outdated

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
Makefile (1)

49-49: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

uuidgen may not be present on all dev machines.

uuidgen isn't universally installed (e.g. some minimal Linux setups lack util-linux/uuid-runtime). Consider a more portable fallback such as python3 -c 'import uuid; print(uuid.uuid4())', which is already a dependency here given the pip step above.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` at line 49, The Makefile target currently relies on uuidgen, which
may not exist on all developer machines. Update the command that prints the id
so it uses a portable UUID generator fallback, such as the existing Python 3
dependency, and keep the output format the same. Locate the change in the shell
snippet that emits the id value and replace the uuidgen call with a more widely
available approach.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@Makefile`:
- Line 49: The Makefile target currently relies on uuidgen, which may not exist
on all developer machines. Update the command that prints the id so it uses a
portable UUID generator fallback, such as the existing Python 3 dependency, and
keep the output format the same. Locate the change in the shell snippet that
emits the id value and replace the uuidgen call with a more widely available
approach.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8ff0b214-931a-49ba-9004-606f3dc9a342

📥 Commits

Reviewing files that changed from the base of the PR and between a77b60c and b322cc0.

📒 Files selected for processing (1)
  • Makefile

Signed-off-by: Jonas Brand (8R0WNI3) <jonasbrand1712@gmail.com>

@ChrisSchneider ChrisSchneider left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the changes worked for me

@8R0WNI3 8R0WNI3 merged commit 698bfb1 into open-component-model:master Jul 7, 2026
19 checks passed
@8R0WNI3 8R0WNI3 deleted the local-setup branch July 7, 2026 07:54
@github-project-automation github-project-automation Bot moved this from 🔍 Review to 🍺 Done in Open Delivery Gear Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/ipcei Important Project of Common European Interest kind/chore chore, maintenance, etc.

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

2 participants