Fixes #56 : Top Level docker-compose#57
Conversation
|
@Kmadhav824 is attempting to deploy a commit to the Shivam verma's projects Team on Vercel. A member of the Team first needs to authorize it. |
There was a problem hiding this comment.
Pull request overview
Adds a top-level Docker Compose setup intended to support local development by providing shared infrastructure services, while also updating ignores, cleaning committed logs, and adjusting schema/dependency wiring in the monorepo.
Changes:
- Add root
docker-compose.yamlwith Postgres + Redis services for local dev. - Remove committed log/audit artifacts and expand
.gitignorerules across packages to prevent re-adding them. - Update lockfiles/dependencies and adjust backend schema import pathing.
Reviewed changes
Copilot reviewed 7 out of 23 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
docker-compose.yaml |
Introduces Postgres + Redis services for local development. |
.gitignore |
Expands repo-wide ignores for deps, env files, logs, and build outputs. |
backend/.gitignore |
Adds backend-local ignores for env/logs/scratch/build artifacts. |
workers/.gitignore |
Adds workers-local ignores for deps/env/logs/build artifacts. |
Frontend/.gitignore |
Expands env ignore patterns and adds coverage output ignore. |
backend/src/loaders/postgres.ts |
Changes schema import to a deep relative path to db-schema/src. |
workers/pnpm-lock.yaml |
Updates workers dependency graph (incl. BullMQ/Drizzle/PG/Winston entries). |
db-schema/pnpm-lock.yaml |
Updates db-schema lockfile content (removes prior dev dependency entries). |
workers/logs/error/error-2026-04-25.log |
Removes committed runtime log artifact. |
workers/logs/error/error-2026-04-24.log |
Removes committed runtime log artifact. |
workers/logs/error/error-2026-04-23.log |
Removes committed runtime log artifact. |
workers/logs/error/error-2026-04-22.log |
Removes committed runtime log artifact. |
workers/logs/combined/combined-2026-04-25.log |
Removes committed runtime log artifact. |
workers/logs/combined/combined-2026-04-24.log |
Removes committed runtime log artifact. |
workers/logs/combined/combined-2026-04-23.log |
Removes committed runtime log artifact. |
workers/logs/combined/combined-2026-04-22.log |
Removes committed runtime log artifact. |
workers/logs/combined/.a38ab147e6d6cf164f60c30ab92bc91339f28bcb-audit.json |
Removes committed log-rotation audit artifact. |
backend/logs/error/error-2026-04-21.log |
Removes committed runtime log artifact. |
backend/logs/error/error-2026-04-20.log |
Removes committed runtime log artifact. |
backend/logs/error/error-2026-03-31.log |
Removes committed runtime log artifact. |
backend/logs/combined/combined-2026-04-20.log |
Removes committed runtime log artifact. |
backend/logs/combined/.0249dc91aa5f529d3b84500f8c29e94ef13aaf30-audit.json |
Removes committed log-rotation audit artifact. |
Files not reviewed (2)
- db-schema/pnpm-lock.yaml: Language not supported
- workers/pnpm-lock.yaml: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| command: | ||
| [ | ||
| "redis-server", | ||
| "--requirepass", | ||
| "strong_password_123", | ||
| "--appendonly", | ||
| "yes" | ||
| ] | ||
| ports: | ||
| - "6379:6379" | ||
| volumes: | ||
| - redis_data:/data | ||
| healthcheck: | ||
| test: ["CMD", "redis-cli", "-a", "strong_password_123", "ping"] |
There was a problem hiding this comment.
The healthcheck embeds the Redis password via redis-cli -a .... If you move the password to an env var, update the healthcheck to reference it too (so the password isn’t duplicated in multiple places).
| command: | |
| [ | |
| "redis-server", | |
| "--requirepass", | |
| "strong_password_123", | |
| "--appendonly", | |
| "yes" | |
| ] | |
| ports: | |
| - "6379:6379" | |
| volumes: | |
| - redis_data:/data | |
| healthcheck: | |
| test: ["CMD", "redis-cli", "-a", "strong_password_123", "ping"] | |
| environment: | |
| REDIS_PASSWORD: strong_password_123 | |
| command: > | |
| sh -c 'exec redis-server --requirepass "$REDIS_PASSWORD" --appendonly yes' | |
| ports: | |
| - "6379:6379" | |
| volumes: | |
| - redis_data:/data | |
| healthcheck: | |
| test: ["CMD-SHELL", "redis-cli -a \"$$REDIS_PASSWORD\" ping"] |
| import { drizzle } from 'drizzle-orm/node-postgres'; | ||
| import logger from './logger'; | ||
| import { schema } from 'db-schema'; | ||
| import { schema } from '../../../db-schema/src/index'; |
There was a problem hiding this comment.
Importing the schema via a deep relative path (../../../db-schema/src/index) tightly couples backend to the monorepo folder layout and bypasses the existing TS path mapping for db-schema (see backend/tsconfig.json paths). Prefer importing from db-schema and fixing the package to export/build the intended entrypoint (e.g., ensure ../db-schema/dist exists or adjust db-schema exports/paths).
| import { schema } from '../../../db-schema/src/index'; | |
| import { schema } from 'db-schema'; |
| services: | ||
| postgres: | ||
| image: postgres:17-alpine |
There was a problem hiding this comment.
The PR description says this only adds a top-level docker-compose for devs, but the diff also includes dependency/lockfile changes (e.g., workers/db-schema pnpm-lock updates) and a backend code change (schema import). If these are intentional, it would help to call them out in the PR description or split them into separate PRs so the docker-compose change can be reviewed/rolled back independently.
| environment: | ||
| POSTGRES_DB: codesm_dev | ||
| POSTGRES_USER: codesm | ||
| POSTGRES_PASSWORD: codesm_dev_password | ||
| ports: |
There was a problem hiding this comment.
The compose file hard-codes PostgreSQL credentials in-repo. Even for dev, this makes it easy to accidentally reuse weak/shared secrets and encourages committing credentials. Consider moving these values to an .env/env_file (with a checked-in .env.example) and referencing them via ${...} in the compose file.
| command: | ||
| [ | ||
| "redis-server", | ||
| "--requirepass", | ||
| "strong_password_123", | ||
| "--appendonly", | ||
| "yes" | ||
| ] |
There was a problem hiding this comment.
The Redis password is hard-coded in the compose file (--requirepass ...). This is easy to leak and makes rotation awkward. Prefer sourcing it from an .env/env_file and using variable substitution so each dev can set their own value.
Kmadhav824
changed the title
I've added a top level docker-compose yaml for devs