ci: use docker build workflow

[busla]

• feat(ci): Use new docker build (feat(ci): Use new docker build #17779)
• ci: use docker build workflow

Summary by CodeRabbit

• New Features

  • Introduced a new docker-build job in the pull request workflow to enhance Docker image build processes.

• Chores

  • Streamlined CI/CD workflows for Docker image construction, ensuring more reliable and efficient builds.
  • Adopted a structured JSON input format for project definitions and refined caching mechanisms.

• Refactor

  • Standardized naming conventions for Docker image stages to improve consistency and clarity.
  • Simplified job structures and control flows within workflow configurations for better maintainability.
  • Updated output handling for improved formatting in workflow steps.

[coderabbitai]

Warning

Rate limit exceeded

@busla has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 21 minutes and 54 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between c0399da and 4d0bae3.

📒 Files selected for processing (1)

• .github/workflows/docker.yml (8 hunks)

Walkthrough

This pull request updates several GitHub Actions workflows and related scripts to restructure the Docker image build process. The workflow files have modified input parameters and job configurations: the projects parameter is now a JSON array, job environments have been updated, and matrix strategies have been simplified. New jobs have been introduced in the pull request workflow, and references to external workflows have been added to streamline the build process. Additionally, Docker stage names have been renamed, and JSON keys in a Bash script have been adjusted.

Changes

File(s)	Change Summary
.github/workflows/docker.yml	Updated projects input from a comma-separated list to a JSON array; simplified AWS_CACHE_FROM_COMMON to deps-cache; restructured the prepare, deps, and build jobs including environment changes (e.g., runs-on from arc-runners to arc-docker) and removal of matrix outputs/strategies.
.github/workflows/push.yml	Renamed output variable from BUILD_CHUNKS to CHUNKS; modified the docker-build job to use an external workflow (docker.yml); updated job dependencies and removed redundant steps.
.github/workflows/pullrequest.yml	Introduced new job: docker-build (runs conditionally based on outputs and uses external workflow docker.yml with parameters projects and version).
scripts/ci/Dockerfile	Renamed Docker image stages from names prefixed with output- to those prefixed with docker- (e.g., output-express → docker-express), without altering the build commands or overall process.
scripts/ci/generate-docker-chunks.sh	Changed the JSON key in the generated output from projects to project, adjusting the structure of the output for downstream consumption.
.github/workflows/install.yml	Modified echo statements for CHUNKS variable output formatting in the job steps without changing the logic or control flow.

Possibly related PRs

• island-is/island.is#16716: The changes in the main PR and the retrieved PR are related through modifications in the .github/workflows/push.yml file, specifically regarding the docker-build job, which is referenced in both PRs.
• island-is/island.is#17531: The changes in the main PR regarding the Docker workflow in .github/workflows/docker.yml are related to the modifications in the Dockerfile in the retrieved PR, as both involve updates to the structure and handling of Docker builds, particularly with respect to the naming conventions and output paths.
• island-is/island.is#18041: The changes in the main PR regarding the docker.yml workflow are related to the modifications in the push.yml workflow, specifically in how the docker-build job's success is integrated into the control flow, reflecting a direct connection in the handling of job dependencies.

Suggested labels

docker build

Suggested reviewers

• robertaandersen

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[nx-cloud]

View your CI Pipeline Execution ↗ for commit 4d0bae3.

Command	Status	Duration	Result
nx run-many --target=codegen/frontend-client --...	✅ Succeeded	12s	View ↗
nx run-many --target=codegen/backend-schema --a...	✅ Succeeded	22s	View ↗

---

☁️ Nx Cloud last updated this comment at 2025-02-19 22:04:35 UTC

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

scripts/ci/generate-chunks.sh (1)

20-21: Enhanced CI Debug Branch Handling:
The newly added condition checks if CI_DEBUG is true while TEST_EVERYTHING is not true, and then outputs a hard-coded JSON array of project names. Please confirm that the JSON array format (notably the embedded comma‐separated list in one of the items) meets your intended debugging requirements.

.github/workflows/docker.yml (2)

96-111: Refactored Docker Build-Args Preparation Step:
This step now retrieves the Node and Playwright image versions and outputs multi-line build arguments using tee. Note the inline comment “Duplicate for compatability”—consider updating the spelling to “compatibility” for clarity. Overall, the structure is clear and modular.

🧰 Tools

🪛 actionlint (1.7.4)

98-98: shellcheck reported issue in this script: SC2153:info:2:21: Possible misspelling: NODE_IMAGE_VERSION may not be assigned. Did you mean node_image_version?

(shellcheck)

---

301-319: App-Specific Build-Args Preparation:
This step gathers project-specific settings (like the source root from project.json) and forms build arguments accordingly. Consider adding error handling or defaults in case .sourceRoot is absent to avoid potential issues.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 35f4eb1 and dc13f39.

📒 Files selected for processing (3)

• .github/workflows/docker.yml (6 hunks)
• .github/workflows/push.yml (1 hunks)
• scripts/ci/generate-chunks.sh (1 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

`scripts/**/*`: "Confirm that the code adheres to the follow...

scripts/**/*: "Confirm that the code adheres to the following:

• Script efficiency, readability, and maintainability.
• Usage of environmental variables and configuration files for flexibility.
• Integration with NX workspace utilities and commands."

• scripts/ci/generate-chunks.sh

🪛 actionlint (1.7.4)

.github/workflows/docker.yml

86-86: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

98-98: shellcheck reported issue in this script: SC2153:info:2:21: Possible misspelling: NODE_IMAGE_VERSION may not be assigned. Did you mean node_image_version?

(shellcheck)

---

180-180: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

217-217: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

284-284: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: prepare / install

🔇 Additional comments (21)

.github/workflows/docker.yml (18)

4-4: Updated Trigger Comment for Debug Mode:
The comment now specifies that the workflow can be triggered by labeling a pull request with “ci debug” instead of “docker build,” which improves clarity in the context of the new CI workflow.

---

21-24: Added 'build-args' Input Parameter:
A new optional input parameter build-args has been introduced in the workflow_call section. This enables passing additional Docker build arguments. Please verify that its description and type match your intended usage.

---

35-38: Included 'build-args' in Workflow Dispatch:
The manual trigger (workflow_dispatch) now supports a build-args input, ensuring consistency with the workflow_call configuration. This addition should enhance flexibility during manual runs.

---

45-47: Improved Concurrency Group Naming:
The concurrency group now incorporates the workflow name, head ref (or run ID), and event name, which should help uniquely identify concurrent runs. Please verify that this naming pattern meets your coordination needs.

---

53-80: Enhanced Environment Variables for Caching and Build:
This block introduces several new environment variables—such as NX_CLOUD_ACCESS_TOKEN, NX_TASKS_RUNNER, and various AWS S3 caching configurations—to support Docker build caching and improved build metadata. Ensure that all referenced secrets (e.g., S3_DOCKER_CACHE_BUCKET, vars.AWS_REGION) are correctly configured in your repository and CI environment.

---

85-86: Updated Job Trigger Condition and Runner Label:
The prepare job now runs when the event is not a pull request or when the pull request carries the “ci debug” label, and it is configured to run on the custom runner labeled arc-runners. Please confirm that the custom runner label is properly registered in your CI configuration (and in actionlint if applicable).

🧰 Tools

🪛 actionlint (1.7.4)

86-86: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

88-92: Refined Outputs for Build Matrix:
Outputs in the prepare job have been restructured to include build-matrix, deps-matrix, and build-args. These changes help standardize the data passed to downstream jobs.

---

113-147: Enhanced Build Matrix Creation:
The logic to create the build matrix now leverages conditions based on the “ci debug” and “test everything” labels and falls back to a representative subset if no projects are specified. Please verify that the splitting of the comma-separated project string and the subsequent JSON construction using jq produces the expected matrix format.

---

148-164: Updated Dependencies Matrix Generation:
The deps matrix is generated by grepping for targets containing “base” from the Dockerfile and then using jq to format the output. Ensure that the regular expression works reliably across different Dockerfile formats.

---

166-177: Added Debug Outputs Step:
A new step to print the outputs of previous steps (args-prep, build_matrix, and deps_matrix) has been added. This will be valuable for troubleshooting.

---

178-198: Codegen Job Adjustments:
The codegen job has been updated to include steps for checking out the repository, setting up Node and Yarn, and handling cache restoration and saving using the latest cache actions. Please verify that the caching keys and environment configurations continue to align with your overall build strategy.

🧰 Tools

🪛 actionlint (1.7.4)

180-180: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

216-222: Updated Docker-Build Dependencies Job:
The deps job now runs on arc-runners and uses a matrix constructed from the deps-matrix output. As with other custom runner labels, ensure that arc-runners is properly configured in your CI environment.

🧰 Tools

🪛 actionlint (1.7.4)

217-217: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

228-235: Verify Debug Inputs in Dependencies Job:
The “Debug inputs” step outputs the matrix variable. Please double-check that this correctly reflects the matrix derived from the deps-matrix output.

---

255-265: Set up Docker Buildx:
This step configures Docker Buildx using a driver option that specifies a Buildkit image from your AWS ECR repository. Confirm that the referenced image (moby/buildkit:buildx-stable-1) is current and available.

---

267-281: Dependencies Docker Build Step:
The step that builds (and caches) dependency layers now uses docker/build-push-action@v6 with explicit cache-from and cache-to settings drawn from environment variables. This should improve build speed if caching behaves as expected.

---

282-292: New Build Job for Docker Images:
The newly added build job processes projects defined in the build-matrix output. It is critical that the custom runner label (arc-runners) is correctly set up and that all dependencies (from the prepare, deps, and codegen jobs) are reliably passed along.

🧰 Tools

🪛 actionlint (1.7.4)

284-284: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

342-365: Enhanced Image Metadata Generation:
The image metadata step now adds a new raw tag with a priority setting for the merge commit SHA. Verify that both inputs.version and github.event.pull_request.merge_commit_sha are reliably populated in your environment to ensure tagging consistency.

---

383-404: Final Docker Build and Push Step:
The Docker build step now combines build arguments from multiple sources and sets caching parameters for a final image build. Ensure that the secret (nx_cloud_access_token) is correctly injected and that the cache keys match your desired caching strategy.

.github/workflows/push.yml (3)

258-264: Docker-build Job Setup in Push Workflow:
The docker-build job is configured to run on the custom runner arc-docker with a 45‑minute timeout and only executes if a build chunk is available. Please ensure that the arc-docker label is correctly set up and recognized in your CI environment.

🧰 Tools

🪛 actionlint (1.7.4)

262-262: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

315-346: Docker Build Arguments Preparation in Push Workflow:
This step constructs additional Docker build arguments, including handling the repository URL extraction and appending the NX cloud access token as a secret. The implementation is clear; just verify that all referenced environment variables, especially DOCKER_BASE_IMAGE_REGISTRY, are defined.

---

356-362: Consolidated Docker Build Step:
The Docker build process has been streamlined by delegating to an external workflow (install.yml). This consolidation reduces complexity in the push workflow. Ensure that the external workflow correctly processes the passed parameters (projects and version).

[AndesKrrrrrrrrrrr]

Look forward to seeing this in effect 🤩

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

.github/workflows/docker.yml (3)

113-147: Matrix Creation for Build Step: The script generates a build matrix by filtering project files (project.json) using git ls-files, cat, and jq. The inline filtering (using select(... | if (...) then IN(...) else true end)) is clever but quite complex. Consider adding error handling or comments to clarify:

• What happens if no project.json files are found.
• Any assumptions about the format or content of these JSON files.

---

166-177: Debug Outputs Caution: The "Debug outputs" step prints out several internal variables. While this is useful for diagnostics, please ensure that no sensitive information is logged during normal CI runs.

---

301-319: Application-Specific Build-Args Preparation: This step extracts and formats build arguments based on the project’s project.json file. In particular, the use of a jq command with a regex in the sub("/src ?"; "") call should be verified for correctness. Adding inline comments for clarity on the expected format of .sourceRoot would aid future maintainability.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc13f39 and 1b1e450.

📒 Files selected for processing (1)

• .github/workflows/docker.yml (6 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/docker.yml

86-86: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

180-180: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

217-217: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

284-284: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: prepare / install

🔇 Additional comments (12)

.github/workflows/docker.yml (12)

4-4: Trigger Label Update: The trigger comment now indicates that the workflow can be triggered by labeling a pull request with "ci debug". Ensure that all related documentation and any downstream processes correctly reference this updated trigger label.

---

21-24: New Input Parameter for Workflow Call: The addition of the build-args input (with description "Additional build-args (newline separated)") for workflow_call improves flexibility in passing extra build parameters. Verify that all downstream steps interpret and utilize these arguments as expected.

---

35-38: New Input Parameter for Workflow Dispatch: Similarly, the build-args input has been added to the manual dispatch trigger. Ensure that the behavior is consistent with the workflow_call input and that any consuming actions are updated accordingly.

---

45-46: Enhanced Concurrency Group Naming: The updated concurrency group expression now incorporates the workflow name, head reference (or run ID), and event name. This improves clarity in identifying concurrent runs.

---

53-79: Environment Variables for Caching and NX Cloud: New environment variables have been introduced (e.g., NX_CLOUD_ACCESS_TOKEN, NX_TASKS_RUNNER, AWS_CACHE_PREFIX, AWS_CACHE_FROM_COMMON, and AWS_CACHE_TO_COMMON) to support Docker build caching and integrate with NX Cloud. Please ensure that:

• Secrets (like NX_CLOUD_ACCESS_TOKEN and AWS keys) are handled securely.
• The added variables are adequately documented for future maintenance.

---

86-86: Runner Label 'arc-runners' Validation: The job in the prepare section uses the runner label "arc-runners", which isn’t among the default GitHub Actions labels. If this is a custom self-hosted runner label, ensure that your actionlint.yaml (or equivalent configuration) lists it; otherwise, consider switching to a supported label.

🧰 Tools

🪛 actionlint (1.7.4)

86-86: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

96-112: Docker Build-Args Preparation Step: This step prepares critical build arguments (e.g., node_image_version and playwright_image_version) and outputs them using a multi-line (here-document) approach. The implementation is clear—just confirm that the output formatting (especially with here-documents) meets the downstream parsing requirements.

---

148-164: Matrix Creation for Dependencies Step: This step builds the dependency matrix by grepping for targets in the Dockerfile (using a regex with a positive lookbehind). Please verify that the regex (?<= AS )\S*\bbase\b\S*$ correctly captures all intended targets without accidentally including unwanted ones.

---

217-217: Runner Label 'arc-docker' for Dependencies Job: The deps job uses the runner label "arc-docker", which, like "arc-runners", is not a standard label. Confirm that this label is intentional (i.e., that you are using a custom self-hosted runner) and that your runner configuration is updated accordingly.

🧰 Tools

🪛 actionlint (1.7.4)

217-217: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

284-284: Runner Label 'arc-docker' for Build Job: Similar to the dependencies job, the Docker build job specifies "arc-docker" as its runner. Ensure this custom label is correctly configured, or update it to a supported label if necessary.

🧰 Tools

🪛 actionlint (1.7.4)

284-284: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

342-366: Generate Image Metadata Step: This step utilizes docker/metadata-action to generate image metadata with multiple tagging strategies (including semver, SHA, and a raw tag for the merge commit SHA). Please verify that:

• The merge commit SHA and the optional inputs.version lead to the expected tag structure.
• The conditionals (enable=${{ !!inputs.version }}) behave as intended when inputs.version is missing.

---

383-404: Docker Build and Push Step: This final step aggregates build arguments from several sources (from needs.prepare.outputs.build-args, app-specific arguments, and inputs.build-args) and configures caching options for the final image. Double-check that:

• The precedence of build arguments is intentional.
• The caching keys (especially those under cache-from and cache-to) correctly leverage the AWS caching variables.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/push.yml (1)

230-237: Enhanced "Prepare Docker targets" Step with JSON Output
The updated step renames the target preparation from "Prepare docker build targets" to "Prepare Docker targets" and now calls the build-specific script (generate-chunks.sh build). The step formats the output as a JSON object (i.e. {"projects":$CHUNKS}) for downstream consumption. Please verify that this JSON structure matches what the external workflow expects. Also, consider adding error handling or an explicit check if CHUNKS is empty or malformed to avoid potential downstream issues.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1b1e450 and 5f44a50.

📒 Files selected for processing (1)

• .github/workflows/push.yml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: prepare / install

🔇 Additional comments (1)

.github/workflows/push.yml (1)

253-261: Streamlined "docker-build" Job Using External Workflow
The docker-build job has been refactored to conditionally run based on needs.prepare.outputs.BUILD_CHUNKS and now leverages an external workflow (.github/workflows/docker.yml). Parameters for projects and version are passed from the prepare job outputs, which improves maintainability and reusability of the build logic. Ensure that the condition correctly filters out cases where no build chunks are available—if BUILD_CHUNKS might be an empty string or a falsy JSON object, you might want to use an explicit check (e.g. comparing against an empty array). Also, the use of template expressions here (e.g. ${{ needs.prepare.outputs.DOCKER_TAG }}) is consistent with earlier recommendations.

[github-actions]

Affected services are:
Feature deployment of your services will begin shortly. Your feature will be accessible here:

Deployed services: .
Excluded services: ``

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f44a50 and e24a44d.

📒 Files selected for processing (2)

• .github/workflows/pullrequest.yml (1 hunks)
• .github/workflows/push.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/pullrequest.yml

233-233: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

🔇 Additional comments (2)

.github/workflows/push.yml (2)

230-238: Ensure Consistent JSON Structure for Build Chunks

In the "Prepare Docker targets" step, the script captures build chunks using generate-chunks.sh and outputs them as a JSON object with the key projects. Please double-check that the generated $CHUNKS is a valid JSON array and that wrapping it in {"projects":$CHUNKS} meets downstream expectations. A brief inline comment explaining the JSON structure might also aid future maintainers.

---

252-261: Confirm Parameter Consistency in Docker-Build Step

The docker-build step now passes parameters from the prepare job outputs:

• projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }}
• version: ${{ needs.prepare.outputs.DOCKER_TAG }}

Please ensure that these output names precisely match what is defined in the prepare job (especially DOCKER_TAG, which the static analysis hints might be missing). Note that a previous reviewer suggested using environment variables (e.g., ${{ env.AFFECTED_PROJECTS }} and ${{ DOCKER_TAG }}) for consistency. If the change to using outputs is intentional and correct, it would be good to update documentation or inline comments to explain the rationale.

[coderabbitai]

⚠️ Potential issue

Verify the New Docker-Build Job Configuration

The newly added docker-build job is well structured and clearly separates its responsibilities by offloading the Docker build logic to the external workflow (docker.yml). However, please verify that the output property DOCKER_TAG exists in the prepare job’s outputs. The static analysis hint indicates that this property might not be defined, which could lead to runtime failures. Also, confirm that the condition using needs.prepare.outputs.DEPLOY_FEATURE == 'true' correctly reflects your deployment criteria.

🧰 Tools

🪛 actionlint (1.7.4)

233-233: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/docker.yml (1)

243-251: Consolidate Shell Output Redirections
In the “Gather apps” step, multiple echo statements write separately to $GITHUB_ENV. For improved efficiency and readability, consider consolidating these into a single redirection block (e.g., using { ... } >> "$GITHUB_ENV").

🧰 Tools

🪛 actionlint (1.7.4)

245-245: shellcheck reported issue in this script: SC2129:style:6:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e24a44d and 9a60201.

📒 Files selected for processing (5)

• .github/workflows/docker.yml (8 hunks)
• .github/workflows/pullrequest.yml (2 hunks)
• .github/workflows/push.yml (3 hunks)
• scripts/ci/Dockerfile (6 hunks)
• scripts/ci/generate-docker-chunks.sh (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• scripts/ci/Dockerfile

🧰 Additional context used

📓 Path-based instructions (1)

`scripts/**/*`: "Confirm that the code adheres to the follow...

scripts/**/*: "Confirm that the code adheres to the following:

• Script efficiency, readability, and maintainability.
• Usage of environmental variables and configuration files for flexibility.
• Integration with NX workspace utilities and commands."

• scripts/ci/generate-docker-chunks.sh

🪛 actionlint (1.7.4)

.github/workflows/pullrequest.yml

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

241-241: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

.github/workflows/docker.yml

148-148: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

203-203: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

245-245: shellcheck reported issue in this script: SC2129:style:6:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects

(shellcheck)

🔇 Additional comments (10)

scripts/ci/generate-docker-chunks.sh (1)

36-41: JSON Key Renaming – Validate Downstream Impact
The JSON object now uses the key "project" (instead of "projects") when outputting data. Please ensure that any downstream scripts or workflows (for example, those consuming the JSON array in the Docker build workflows) have been updated accordingly to parse this new key structure.

.github/workflows/pullrequest.yml (2)

51-59: Runner Label “arc-runners” Verification
The newly added debug job (lines 51–59) specifies runs-on: arc-runners. Confirm that this custom label is correctly configured in your runner setup or update your actionlint configuration if it is intended as a self-hosted runner label.

🧰 Tools

🪛 actionlint (1.7.4)

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

234-242: Docker-Build Job Configuration Check
The docker-build job now uses an external workflow (docker.yml) and passes inputs from the prepare job (namely, BUILD_CHUNKS and DOCKER_TAG). Please verify that these outputs are always defined and that the condition needs.prepare.outputs.DEPLOY_FEATURE == 'true' correctly reflects your deployment criteria.

🧰 Tools

🪛 actionlint (1.7.4)

241-241: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

.github/workflows/docker.yml (4)

17-21: Workflow Input Enhancement for Projects
The input for projects is now documented as a JSON array of project objects. This structured approach should improve downstream parsing but make sure that any previous parsers expecting a comma-separated list are updated to handle the new format.

---

70-72: Updated AWS_CACHE_FROM_COMMON Parameter
The AWS_CACHE_FROM_COMMON variable now includes name=deps-cache. Please confirm that the caching mechanism works as expected with this change and that it aligns with the new Docker build caching strategy.

---

148-149: Custom Runner Label “arc-docker” in ‘deps’ Job
The deps job now runs on arc-docker. Since static analysis hints flag this label as unknown, ensure that this label is properly registered (or that your custom runner configuration accounts for it) so that the job executes as expected.

🧰 Tools

🪛 actionlint (1.7.4)

148-148: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

202-203: Custom Runner Label “arc-docker” in ‘build’ Job
Similarly, the build job specifies runs-on: arc-docker. Verify that your CI setup recognizes this label or update the configuration if needed to avoid potential runner selection issues.

🧰 Tools

🪛 actionlint (1.7.4)

203-203: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

.github/workflows/push.yml (3)

75-82: Renaming and Consistency of Build Chunks Output
The prepare job now outputs BUILD_CHUNKS (renamed from a previous key) from steps.build_map.outputs.CHUNKS. Please ensure that all downstream jobs consuming this output (including the docker-build job) correctly reference the updated value and naming convention.

🧰 Tools

🪛 actionlint (1.7.4)

79-79: property "git_nx_base" is not defined in object type {build_map: {conclusion: string; outcome: string; outputs: {string => string}}; deploy_map: {conclusion: string; outcome: string; outputs: {string => string}}; docker_tags: {conclusion: string; outcome: string; outputs: {string => string}}; git_nx_head: {conclusion: string; outcome: string; outputs: {string => string}}; nodejs_image: {conclusion: string; outcome: string; outputs: {string => string}}; set-branch-env: {conclusion: string; outcome: string; outputs: {string => string}}; slack: {conclusion: string; outcome: string; outputs: {}}; test_projects: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

---

82-82: property "calculate_node_modules_hash" is not defined in object type {build_map: {conclusion: string; outcome: string; outputs: {string => string}}; deploy_map: {conclusion: string; outcome: string; outputs: {string => string}}; docker_tags: {conclusion: string; outcome: string; outputs: {string => string}}; git_nx_head: {conclusion: string; outcome: string; outputs: {string => string}}; nodejs_image: {conclusion: string; outcome: string; outputs: {string => string}}; set-branch-env: {conclusion: string; outcome: string; outputs: {string => string}}; slack: {conclusion: string; outcome: string; outputs: {}}; test_projects: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

---

254-263: External Workflow Invocation in Docker-Build Job
The docker-build job invokes the external Docker workflow (docker.yml) and passes inputs via projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }} and
version: ${{ needs.prepare.outputs.DOCKER_TAG }}. Confirm that the external workflow is designed to receive a JSON array for projects and that the version/tag parameter is handled properly. This ensures consistency across your Docker build pipeline.

---

265-275: Helm-Docker-Build Job Dependency and Label Consistency
The helm-docker-build job now depends on docker-build and uses outputs like DOCKER_TAG and NODE_IMAGE_VERSION from the prepare job. Verify that these dependencies accurately reflect your sequential build and deploy logic and that there is consistency in label usage (e.g., the use of arc-runners for this job).

🧰 Tools

🪛 actionlint (1.7.4)

269-269: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

.github/workflows/push.yml (1)

75-80: ⚠️ Potential issue

Ensure Consistent Output Variable Naming
The prepare job’s outputs still use BUILD_CHUNKS on the left-hand side even though the PR objectives and enriched summary indicate a rename to CHUNKS. This inconsistency may lead to downstream references being mismatched.

Consider applying this diff:

-      BUILD_CHUNKS: ${{ steps.build_map.outputs.CHUNKS }}
+      CHUNKS: ${{ steps.build_map.outputs.CHUNKS }}

🧰 Tools

🪛 actionlint (1.7.4)

79-79: property "git_nx_base" is not defined in object type {build_map: {conclusion: string; outcome: string; outputs: {string => string}}; deploy_map: {conclusion: string; outcome: string; outputs: {string => string}}; docker_tags: {conclusion: string; outcome: string; outputs: {string => string}}; git_nx_head: {conclusion: string; outcome: string; outputs: {string => string}}; nodejs_image: {conclusion: string; outcome: string; outputs: {string => string}}; set-branch-env: {conclusion: string; outcome: string; outputs: {string => string}}; slack: {conclusion: string; outcome: string; outputs: {}}; test_projects: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

🧹 Nitpick comments (1)

.github/workflows/push.yml (1)

232-238: Review Shell Command Output Handling for Docker Chunks
The script block that generates Docker build targets via generate-docker-chunks.sh is clear. As an optional improvement, consider quoting the CHUNKS variable in the output (e.g. using echo "CHUNKS: '$CHUNKS'") to robustly handle any whitespace or unexpected values.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9a60201 and acd74ec.

📒 Files selected for processing (1)

• .github/workflows/push.yml (3 hunks)

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: linting (application-templates-social-insurance-administration-additional-support-for-the-elderly...

🔇 Additional comments (2)

.github/workflows/push.yml (2)

245-248: Verify Variable Assignment Consistency in Deployment Targets
In the “Prepare deployment targets” step, the variable CHUNKS is re-assigned using steps.build_map.outputs.CHUNKS. Please confirm that this assignment aligns with the newly intended naming for build chunks.

---

264-269: Confirm Dependency on Docker Build Job
The helm-docker-build job now explicitly depends on the docker-build job by listing it among its needs. This change ensures that the Helm-related Docker build runs only after the Docker images have been built. Verify that this dependency order aligns with the overall deployment and testing strategy.

🧰 Tools

🪛 actionlint (1.7.4)

269-269: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

[coderabbitai]

⚠️ Potential issue

Align Docker Build Job References with Updated Naming
Within the docker-build job, the conditional and input parameters still reference needs.prepare.outputs.BUILD_CHUNKS. To be consistent with the renaming (as indicated by the PR objectives), these references should be updated to use CHUNKS.

Apply this diff:

-    if: needs.prepare.outputs.BUILD_CHUNKS
+    if: needs.prepare.outputs.CHUNKS
...
-      projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }}
+      projects: ${{ needs.prepare.outputs.CHUNKS }}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	docker-build:
	if: needs.prepare.outputs.BUILD_CHUNKS
	needs:
	- pre-checks
	- prepare
	runs-on: arc-docker
	timeout-minutes: 45
	if: needs.prepare.outputs.BUILD_CHUNKS
	env:
	AFFECTED_ALL: ${{ secrets.AFFECTED_ALL }}
	GIT_BRANCH: ${{ needs.pre-checks.outputs.GIT_BRANCH}}
	DOCKER_TAG: ${{ needs.prepare.outputs.DOCKER_TAG}}
	NODE_IMAGE_VERSION: ${{ needs.prepare.outputs.NODE_IMAGE_VERSION}}
	PUBLISH: true
	DISABLE_CHUNKS: true
	MAX_JOBS: 3
	NX_PARALLEL: 1
	strategy:
	fail-fast: false
	matrix:
	chunk: ${{ fromJson(needs.prepare.outputs.BUILD_CHUNKS) }}
	steps:
	- name: Gather apps
	id: gather
	run: |
	set -euo pipefail
	AFFECTED_PROJECTS="$(echo '${{ matrix.chunk }}' | jq -r '.projects')"
	DOCKER_TYPE="$(echo '${{ matrix.chunk }}' | jq -r '.docker_type')"
	APP_HOME="$(echo '${{ matrix.chunk }}' | jq -r '.home')"
	APP_DIST_HOME="$(echo '${{ matrix.chunk }}' | jq -r '.dist')"
	echo AFFECTED_PROJECTS="$AFFECTED_PROJECTS" >> "$GITHUB_ENV"
	echo DOCKER_TYPE="$DOCKER_TYPE" >> "$GITHUB_ENV"
	echo APP_HOME="$APP_HOME" >> "$GITHUB_ENV"
	echo APP_DIST_HOME="$APP_DIST_HOME" >> "$GITHUB_ENV"
	continue-on-error: true
	- uses: actions/checkout@v4
	if: steps.gather.outcome == 'success'
	- name: Restore generated files
	uses: runs-on/cache/restore@v4
	id: restore-generated-files-cache
	with:
	path: |
	${{ env.GENERATED_FILES }}
	key: generated-files-${{ github.sha }}
	- name: Extract generated files
	run: |
	tar -xzvf ${{ env.GENERATED_FILES }}
	- name: Docker login to ECR repo
	if: steps.gather.outcome == 'success'
	run: ./scripts/ci/docker-login-ecr.sh
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	- name: Prepare Docker build arguments
	id: dockerargs
	if: steps.gather.outcome == 'success'
	env:
	NODE_IMAGE_VERSION: ${{ needs.prepare.outputs.NODE_IMAGE_VERSION }}
	GIT_COMMIT_SHA: ${{ github.sha }}
	DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }}
	run: |
	set -x
	# Strip protocol prefix and .git postfix
	SERVER_URL="${{ github.server_url }}/${{ github.repository }}"
	SERVER_URL="${SERVER_URL#*://}"
	SERVER_URL="${SERVER_URL%.git}"
	build_args=(
	--build-arg="DOCKER_IMAGE_REGISTRY=${DOCKER_BASE_IMAGE_REGISTRY}"
	--build-arg="NODE_IMAGE_VERSION=${NODE_IMAGE_VERSION}"
	--build-arg="GIT_BRANCH=${GIT_BRANCH}"
	--build-arg="GIT_COMMIT_SHA=${GIT_COMMIT_SHA}"
	--build-arg="GIT_REPOSITORY_URL=${SERVER_URL}"
	--build-arg="NX_PARALLEL=${NX_PARALLEL}"
	--build-arg="NX_MAX_PARALLEL=${NX_MAX_PARALLEL}"
	--build-arg="NX_TASKS_RUNNER=ci"
	)
	export EXTRA_DOCKER_BUILD_ARGS="${build_args[*]}"
	echo "EXTRA_DOCKER_BUILD_ARGS=${EXTRA_DOCKER_BUILD_ARGS}" >> "${GITHUB_ENV}"
	# Create a temporary file with the NX_CLOUD_ACCESS_TOKEN
	echo "${{ secrets.NX_CLOUD_ACCESS_TOKEN }}" > nx_cloud_access_token.txt
	# Add secret to EXTRA_DOCKER_BUILD_ARGS
	echo "EXTRA_DOCKER_BUILD_ARGS=${EXTRA_DOCKER_BUILD_ARGS} --secret id=nx_cloud_access_token,src=nx_cloud_access_token.txt" >> "${GITHUB_ENV}"
	- name: Check if cached buildx image exists
	id: cache-check
	run: |
	if ! docker pull ${{vars.AWS_ECR_REPO_BASE}}/moby/buildkit:buildx-stable-1 ; then
	docker pull docker.io/moby/buildkit:buildx-stable-1
	docker tag docker.io/moby/buildkit:buildx-stable-1 ${{vars.AWS_ECR_REPO_BASE}}/moby/buildkit:buildx-stable-1
	docker push ${{vars.AWS_ECR_REPO_BASE}}/moby/buildkit:buildx-stable-1
	fi
	- name: Building Docker images
	continue-on-error: true
	id: dockerbuild
	if: steps.gather.outcome == 'success'
	env:
	NODE_IMAGE_VERSION: ${{ needs.prepare.outputs.NODE_IMAGE_VERSION }}
	GIT_COMMIT_SHA: ${{ github.sha }}
	DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }}
	run: |
	set -x
	echo "Node image tag is: '${NODE_IMAGE_VERSION}'"
	echo "Docker build args are: 'EXTRA_DOCKER_BUILD_ARGS'"
	export EXTRA_DOCKER_BUILD_ARGS
	./scripts/ci/run-in-parallel.sh "90_${DOCKER_TYPE}"
	- name: Building Docker images Retry
	if: steps.gather.outcome == 'success' && steps.dockerbuild.outcome == 'failure'
	env:
	NODE_IMAGE_VERSION: ${{ needs.prepare.outputs.NODE_IMAGE_VERSION }}
	GIT_COMMIT_SHA: ${{ github.sha }}
	DOCKER_BASE_IMAGE_REGISTRY: ${{ env.DOCKER_BASE_IMAGE_REGISTRY }}
	run: |
	set -x
	echo "Node image tag is: '${NODE_IMAGE_VERSION}'"
	echo "Docker build args are: 'EXTRA_DOCKER_BUILD_ARGS'"
	export EXTRA_DOCKER_BUILD_ARGS
	./scripts/ci/run-in-parallel.sh "90_${DOCKER_TYPE}"
	uses: ./.github/workflows/docker.yml
	with:
	projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }}
	version: ${{ needs.prepare.outputs.DOCKER_TAG }}
	docker-build:
	- if: needs.prepare.outputs.BUILD_CHUNKS
	+ if: needs.prepare.outputs.CHUNKS
	needs:
	- pre-checks
	- prepare
	uses: ./.github/workflows/docker.yml
	with:
	- projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }}
	+ projects: ${{ needs.prepare.outputs.CHUNKS }}
	version: ${{ needs.prepare.outputs.DOCKER_TAG }}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/pullrequest.yml (1)

51-59: Review Debug Job: Verify Output Variable and Runner Label

The new debug job is a useful addition for inspecting the outputs from the prepare job. However, note the following:

• Output Variable Name: The step echoes BUILD_CHUNKS (line 58), but based on the PR summary the prepare job’s output may have been renamed to CHUNKS. Please verify that the correct output name is used, and update the echo statement if needed.
• Runner Label: The runs-on field uses the label arc-runners (line 54). Static analysis indicates that this label is not standard. If arc-runners is a custom self-hosted runner label, ensure that it is correctly defined in your configuration (or consider using one of the standard labels if appropriate).

For example, if the output has been renamed, consider:

-          echo "BUILD_CHUNKS: ${{ needs.prepare.outputs.BUILD_CHUNKS }}"
+          echo "CHUNKS: ${{ needs.prepare.outputs.CHUNKS }}"

🧰 Tools

🪛 actionlint (1.7.4)

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between acd74ec and 744b5d7.

📒 Files selected for processing (1)

• .github/workflows/pullrequest.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/pullrequest.yml

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

241-241: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

[coderabbitai]

⚠️ Potential issue

Review Docker-Build Job: Validate Output and Input Parameters

The new docker-build job is well structured in that it conditions execution based on the DOCKER_CHUNKS and DEPLOY_FEATURE outputs from the prepare job. However, please double-check the following:

• Output Property for Version: The job passes version: ${{ needs.prepare.outputs.DOCKER_TAG }} (line 241). Static analysis indicates that a property named docker_tag does not exist in the prepare job’s output object. Ensure that the prepare job defines DOCKER_TAG (or adjust the reference accordingly) so the external workflow (docker.yml) receives the correct version.
• Overall Consistency: Verify that the external workflow (docker.yml) is configured to accept the parameters projects and version as provided.

🧰 Tools

🪛 actionlint (1.7.4)

241-241: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

.github/workflows/pullrequest.yml (1)

236-244: ⚠️ Potential issue

Validate 'DOCKER_TAG' Output in Docker-Build Job

The docker-build job passes version: ${{ needs.prepare.outputs.DOCKER_TAG }} to the external workflow. However, static analysis and previous reviews indicate that the prepare job does not define an output property named DOCKER_TAG (the outputs include properties such as build_chunks, docker_chunks, etc.). Please verify that the prepare job is updated to export DOCKER_TAG or adjust this reference to match the correct output key.

🧰 Tools

🪛 actionlint (1.7.4)

243-243: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

🧹 Nitpick comments (1)

.github/workflows/pullrequest.yml (1)

51-60: Runner Label Verification for Debug Job

The newly added debug job uses runs-on: arc-runners, but static analysis indicates that "arc-runners" is not among the standard runner labels. If this is a custom self-hosted runner label, please ensure that it is correctly configured (for example, by updating your actionlint.yaml if needed). Otherwise, consider switching to one of the recognized labels like ubuntu-latest or another appropriate option.

🧰 Tools

🪛 actionlint (1.7.4)

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 744b5d7 and 1a86f0f.

📒 Files selected for processing (1)

• .github/workflows/pullrequest.yml (2 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/pullrequest.yml

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

243-243: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/install.yml (1)

167-169: Refined echo statements for CHUNKS variable

The updates in these lines improve the clarity and consistency of how the CHUNKS variable is output. Removing the single quotes in the debug log (line 167) now displays the variable’s value directly, which enhances readability. Additionally, the revised echo command on line 169—with explicit double quotes around the assignment—helps ensure that any whitespace or special characters in CHUNKS are handled correctly when writing to GITHUB_OUTPUT. Please verify that these changes align with the expectations of downstream steps that consume this output.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1a86f0f and d213ffd.

📒 Files selected for processing (3)

• .github/workflows/install.yml (1 hunks)
• .github/workflows/push.yml (4 hunks)
• scripts/ci/generate-docker-chunks.sh (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• scripts/ci/generate-docker-chunks.sh
• .github/workflows/push.yml

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

.github/workflows/docker.yml (2)

105-109: Prepare Matrix Step: JSON Conversion Review
The Prepare matrix step uses the command:

MATRIX_CHUNKS="$(echo "${{ inputs.projects }}" | jq -cM '. | map("\(.|tostring)")')"

Please verify that converting each project object to its string representation via tostring meets the requirements of the subsequent "Gather apps" step. If preserving the object structure is important, consider outputting a JSON array of objects instead of strings.

---

250-262: Gather Apps Step: Matrix Chunk Extraction
In the "Gather apps" step, environment variables are extracted from matrix.chunk using jq. Please ensure that the matrix chunk elements are in the expected JSON format. If possible, consider refactoring the matrix output so that downstream extraction can use native YAML expressions rather than an extra jq call.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between d213ffd and d9ee083.

📒 Files selected for processing (3)

• .github/workflows/docker.yml (9 hunks)
• .github/workflows/install.yml (1 hunks)
• .github/workflows/push.yml (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• .github/workflows/install.yml

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/docker.yml

155-155: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

210-210: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

🔇 Additional comments (10)

.github/workflows/docker.yml (8)

17-20: Input Parameter Update: JSON Array for Projects
The updated description now clearly indicates that the projects input should be a JSON array of project objects. Please verify that all downstream steps expect and correctly parse this JSON format.

---

70-72: AWS Cache From Update
The AWS_CACHE_FROM_COMMON variable has been refactored to use a single cache name (deps-cache), which simplifies the configuration. This change looks good.

---

83-85: Matrix-Chunks Output Introduction
The new output matrix-chunks replaces the previous outputs from the prepare step. Ensure that any references downstream correctly use this new output value.

---

155-155: Runner Label Verification for 'arc-docker' in Deps Job
The deps job now uses runs-on: arc-docker. Static analysis indicates that this label is not one of the standard runner labels. If arc-docker is intended as a custom self-hosted label, please ensure it is properly configured in your actionlint YAML.

🧰 Tools

🪛 actionlint (1.7.4)

155-155: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

209-210: Runner Label Verification in Build Job
Similarly, the build job now uses runs-on: arc-docker. Please double-check that this label is valid and recognized by GitHub Actions or that it is properly set up as a custom label in your environment.

🧰 Tools

🪛 actionlint (1.7.4)

210-210: label "arc-docker" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

218-218: Matrix Parsing in Build Job
The matrix is now set with:

matrix:
  chunk: ${{ fromJson(needs.prepare.outputs.matrix-chunks) }}

This approach should work provided that the output of the "Prepare matrix" step is valid JSON. Confirm that the JSON conversion from the previous step matches this expectation.

---

307-320: Dynamic Docker Build Configuration
The Docker build step successfully leverages dynamic values from matrix.chunk (e.g., using ${{ matrix.chunk.docker_type }} for the build target) and passes build arguments appropriately. This flexible configuration is well implemented. Just verify that build arguments from both the prepare step and direct inputs merge correctly during the build.

---

323-324: Cache-from Configuration Consistency
The cache-from configuration now consistently uses name=cache-deps. This standardization should help manage caching more effectively.

.github/workflows/push.yml (2)

75-81: Output Variable Naming Consistency for Docker Chunks
The prepare job outputs the variable BUILD_CHUNKS using the value from steps.build_map.outputs.CHUNKS. Given the recent changes favoring the CHUNKS naming convention, consider renaming this output variable (and its references) to CHUNKS for consistency across the workflows.

🧰 Tools

🪛 actionlint (1.7.4)

79-79: property "git_nx_base" is not defined in object type {build_map: {conclusion: string; outcome: string; outputs: {string => string}}; deploy_map: {conclusion: string; outcome: string; outputs: {string => string}}; docker_tags: {conclusion: string; outcome: string; outputs: {string => string}}; git_nx_head: {conclusion: string; outcome: string; outputs: {string => string}}; nodejs_image: {conclusion: string; outcome: string; outputs: {string => string}}; set-branch-env: {conclusion: string; outcome: string; outputs: {string => string}}; slack: {conclusion: string; outcome: string; outputs: {}}; test_projects: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

---

253-261: Align Docker Build Job References with Updated Naming
In the docker-build job, the condition and input for projects are still referencing needs.prepare.outputs.BUILD_CHUNKS. If the intent is to switch to the new naming (CHUNKS), please update these references accordingly to ensure consistency with the rest of the workflow.

[coderabbitai]

Actionable comments posted: 1

🔭 Outside diff range comments (1)

.github/workflows/push.yml (1)

75-81: 🛠️ Refactor suggestion

Rename Prepare Job Output for Consistency.
Within the prepare job outputs, the Docker build targets are currently set as:

BUILD_CHUNKS: ${{ steps.build_map.outputs.CHUNKS }}

Per the PR objectives and updated naming conventions, consider renaming this output variable to CHUNKS. This renaming will promote consistency and simplify downstream references in the workflow.

Suggested diff:

-      BUILD_CHUNKS: ${{ steps.build_map.outputs.CHUNKS }}
+      CHUNKS: ${{ steps.build_map.outputs.CHUNKS }}

🧰 Tools

🪛 actionlint (1.7.4)

79-79: property "git_nx_base" is not defined in object type {build_map: {conclusion: string; outcome: string; outputs: {string => string}}; deploy_map: {conclusion: string; outcome: string; outputs: {string => string}}; docker_tags: {conclusion: string; outcome: string; outputs: {string => string}}; git_nx_head: {conclusion: string; outcome: string; outputs: {string => string}}; nodejs_image: {conclusion: string; outcome: string; outputs: {string => string}}; set-branch-env: {conclusion: string; outcome: string; outputs: {string => string}}; slack: {conclusion: string; outcome: string; outputs: {}}; test_projects: {conclusion: string; outcome: string; outputs: {string => string}}}

(expression)

♻️ Duplicate comments (1)

.github/workflows/push.yml (1)

252-261: 🛠️ Refactor suggestion

Update docker-build Job to Reflect Renamed Output.
The docker-build job currently references the prepare output as needs.prepare.outputs.BUILD_CHUNKS (lines 253 and 259). With the updated output name, these should be changed to needs.prepare.outputs.CHUNKS to ensure consistency across the workflow.

Suggested diffs:

-    if: needs.prepare.outputs.BUILD_CHUNKS
+    if: needs.prepare.outputs.CHUNKS

-      projects: ${{ needs.prepare.outputs.BUILD_CHUNKS }}
+      projects: ${{ needs.prepare.outputs.CHUNKS }}

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e1e51dd and 0741195.

📒 Files selected for processing (2)

• .github/workflows/pullrequest.yml (2 hunks)
• .github/workflows/push.yml (4 hunks)

🧰 Additional context used

🪛 actionlint (1.7.4)

.github/workflows/pullrequest.yml

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

---

243-243: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)

🔇 Additional comments (2)

.github/workflows/pullrequest.yml (1)

51-60: Review of the 'debug' job and runner label usage.
The newly added debug job is structured well for output verification of the prepare job. However, the job uses the runner label arc-runners (line 54). Please verify that this label is properly defined in your GitHub Actions configuration or update it to one of the recognized labels, as static analysis indicates it may be unrecognized.

🧰 Tools

🪛 actionlint (1.7.4)

54-54: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

.github/workflows/push.yml (1)

62-62: Verify Runner Label 'arc-runners' Across Jobs.
Several jobs in this workflow (e.g., at lines 62, 268, 315, 369, and 386) use the runner label arc-runners. Please ensure that this custom runner label is correctly configured in your GitHub Actions environment or update these references to a recognized runner label.

Also applies to: 268-268, 315-315, 369-369, 386-386

🧰 Tools

🪛 actionlint (1.7.4)

62-62: label "arc-runners" is unknown. available labels are "windows-latest", "windows-latest-8-cores", "windows-2022", "windows-2019", "ubuntu-latest", "ubuntu-latest-4-cores", "ubuntu-latest-8-cores", "ubuntu-latest-16-cores", "ubuntu-24.04", "ubuntu-22.04", "ubuntu-20.04", "macos-latest", "macos-latest-xl", "macos-latest-xlarge", "macos-latest-large", "macos-15-xlarge", "macos-15-large", "macos-15", "macos-14-xl", "macos-14-xlarge", "macos-14-large", "macos-14", "macos-13-xl", "macos-13-xlarge", "macos-13-large", "macos-13", "macos-12-xl", "macos-12-xlarge", "macos-12-large", "macos-12", "self-hosted", "x64", "arm", "arm64", "linux", "macos", "windows". if it is a custom label for self-hosted runner, set list of labels in actionlint.yaml config file

(runner-label)

[coderabbitai]

⚠️ Potential issue

Validate Expected Prepare Outputs for the Docker Build Workflow.
The docker-build job correctly leverages the external workflow (docker.yml) and passes projects from DOCKER_CHUNKS alongside version from DOCKER_TAG. Please ensure that the prepare job truly defines the output property DOCKER_TAG—its absence or misnaming could lead to runtime failures.

🧰 Tools

🪛 actionlint (1.7.4)

243-243: property "docker_tag" is not defined in object type {build_chunks: string; deploy_feature: string; docker_chunks: string; e2e_build_id: string; e2e_chunks: string; lint_chunks: string; nx_base: string; nx_head: string; test_chunks: string}

(expression)