Split extra args into launch and exec

[Nuru]

what

• GEODESIC_DOCKER_EXTRA_ARGS is deprecated. Geodesic distinguishes between options for launching a container
  and options for exec’ing into a running one. Use GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS for container launch and
  GEODESIC_DOCKER_EXTRA_EXEC_ARGS for exec’ing into a running container.
• Add additional outputs to --verbose mode
• Minor cleanups for non-standard launch attempts

why

• Some arguments only apply at launch time, while others my vary with each exec into the same container
• More clarity around options being passed to docker
• Catch a few more edge cases

[coderabbitai]

📝 Walkthrough

Walkthrough

This update introduces several documentation and code changes related to the handling of Docker argument environment variables in Geodesic version 4.4.0 and later. The environment variable GEODESIC_DOCKER_EXTRA_ARGS is now deprecated and replaced by two new variables: GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS for container launch options and GEODESIC_DOCKER_EXTRA_EXEC_ARGS for exec options. The codebase is updated to support this separation, including deprecation warnings and backward compatibility handling. Additional changes include improved debug logging for Docker commands, stricter checks for unsupported shell launch scenarios, and minor documentation and messaging updates.

Changes

File(s)	Change Summary
ReleaseNotes-v4.md docs/environment.md	Updated documentation to deprecate GEODESIC_DOCKER_EXTRA_ARGS in favor of GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS and GEODESIC_DOCKER_EXTRA_EXEC_ARGS, clarifying their usage for Docker container launch and exec phases starting with Geodesic v4.4.0.
rootfs/templates/wrapper-body.sh	Refactored to support the new environment variables for Docker arguments, replacing GEODESIC_DOCKER_EXTRA_ARGS with the new variables for launch and exec phases. Added deprecation warnings and backward compatibility logic. Introduced debug_and_run() and _exec_existing() helper functions for structured debug logging and command execution. Updated related functions and command invocations accordingly. Changed all string equality tests from == to = for POSIX compliance. Redirected informational echo output to stderr.
rootfs/etc/profile.d/_01-launch-warning.sh	Added explanatory comments to the warning output mechanism. Modified logic to only display the warning if standard input is a terminal, preventing the warning in non-interactive or piped scenarios.
rootfs/etc/profile.d/_60-register-stray-shells.sh	Modified warning message output to redirect to stderr. Added a check for login shells started as PID 1 without a terminal and without command-line arguments, printing a multi-line warning to stderr and exiting with status 1.
rootfs/usr/local/bin/boot	Inserted a blank comment line to visually separate blocks of instructional output, with no changes to logic or control flow.

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (9)

rootfs/usr/local/bin/boot (1)

22-23: Trim trailing whitespace and confirm visual separator.
The new empty comment line improves readability, but the preceding line ends with an unintended space before the closing quote. Consider removing that trailing whitespace for consistency.

docs/environment.md (1)

43-47: Clarify usage regarding quoting of new environment variables.
To ensure users understand that values must be left unquoted to allow proper splitting (as with the deprecated GEODESIC_DOCKER_EXTRA_ARGS), consider adding a note such as:

 Starting with Geodesic version 4.4.0:
 - `GEODESIC_DOCKER_EXTRA_ARGS` is deprecated. Geodesic distinguishes between options for launching a container
   and options for exec’ing into a running one. Use `GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS` for container launch and
   `GEODESIC_DOCKER_EXTRA_EXEC_ARGS` for exec’ing into a running container.
+  Note: Leave these variables unquoted when setting or using them so that multiple space-separated arguments are correctly passed.

rootfs/etc/profile.d/_60-register-stray-shells.sh (1)

24-31: Redirect warning messages to stderr.
To avoid mixing error messages with regular output, consider writing to stderr. For example:

-	echo "#  You have launched a login shell without a terminal and without a command."
-	echo "#  This is not supported. Please run a command or attach a terminal."
+	echo "#  You have launched a login shell without a terminal and without a command." >&2
+	echo "#  This is not supported. Please run a command or attach a terminal." >&2

rootfs/templates/wrapper-body.sh (6)

243-243: Add contextual information to debug logs
You've added a printf in debug() to emit messages when VERBOSE=true. Consider enriching these logs with a timestamp or context (e.g., the calling function name) to make it easier to trace execution order in complex flows.

---

247-252: Capture and log exit status in debug_and_run
The new debug_and_run() wrapper logs before running the command but doesn’t record the exit code. Capturing and emitting the exit status improves observability when a command fails.

Example diff:

 function debug_and_run() {
   debug '>>>'
   debug "Running: $*"
-  debug '<<<'
-  "$@"
+  "$@"
+  local status=$?
+  debug "Exit status: $status"
+  debug '<<<'
+  return $status
 }

---

369-380: Implement _exec_existing helper
This new helper cleanly consolidates docker exec invocation. A few polish items:

• Redirect the informative echo "# Exec'ing shell…" to stderr (>&2) so it doesn’t mix with container I/O.
• Quote --env G_HOST_PID="$WRAPPER_PID" to guard against unexpected splitting (even if unlikely).
• For robust word splitting, consider parsing GEODESIC_DOCKER_EXTRA_EXEC_ARGS into a Bash array rather than relying on unquoted expansion.

---

388-399: Deprecation warning for GEODESIC_DOCKER_EXTRA_ARGS
Good handling of the old variable for backward compatibility.
Nit: fix the typo in the warning message—change “igored” to “ignored”.

---

622-625: Consistent stream for extra launch-args notice
You echo the extra‐args banner to stdout; most warnings go to stderr. Redirect this with >&2 for consistency and to avoid mixing with normal container output.

---

628-633: Consistent stream for detached‐mode extra args notice
Similarly, the detached‐mode branch prints to stdout. Please redirect these notices to stderr (echo >&2) to match other warning patterns.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6dc06cd and 754cecf.

📒 Files selected for processing (6)

• ReleaseNotes-v4.md (1 hunks)
• docs/environment.md (1 hunks)
• rootfs/etc/profile.d/_01-launch-warning.sh (2 hunks)
• rootfs/etc/profile.d/_60-register-stray-shells.sh (1 hunks)
• rootfs/templates/wrapper-body.sh (6 hunks)
• rootfs/usr/local/bin/boot (1 hunks)

🧰 Additional context used

🧠 Learnings (3)

📓 Common learnings

Learnt from: Nuru
PR: cloudposse/geodesic#961
File: rootfs/templates/wrapper-body.sh:490-490
Timestamp: 2025-01-20T04:32:40.585Z
Learning: In the Geodesic project, GEODESIC_DOCKER_EXTRA_ARGS environment variable is intentionally left unquoted in docker run commands to allow passing multiple space-separated Docker arguments through a single environment variable.

docs/environment.md (1)

Learnt from: Nuru
PR: cloudposse/geodesic#961
File: rootfs/templates/wrapper-body.sh:490-490
Timestamp: 2025-01-20T04:32:40.585Z
Learning: In the Geodesic project, GEODESIC_DOCKER_EXTRA_ARGS environment variable is intentionally left unquoted in docker run commands to allow passing multiple space-separated Docker arguments through a single environment variable.

ReleaseNotes-v4.md (1)

Learnt from: Nuru
PR: cloudposse/geodesic#961
File: rootfs/templates/wrapper-body.sh:490-490
Timestamp: 2025-01-20T04:32:40.585Z
Learning: In the Geodesic project, GEODESIC_DOCKER_EXTRA_ARGS environment variable is intentionally left unquoted in docker run commands to allow passing multiple space-separated Docker arguments through a single environment variable.

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: build-and-push (debian)

🔇 Additional comments (7)

ReleaseNotes-v4.md (1)

726-730: Inconsistent version context in release notes.
The file header specifies “Geodesic v4.0.0 Release Notes”, yet this section introduces a deprecation effective in version 4.4.0. Please verify whether to:

• Update the header to reflect v4.4.0, or
• Split this content into a new ReleaseNotes-v4.4.0.md, or
• Adjust the context to clarify these are upcoming v4.4.0 changes.

rootfs/etc/profile.d/_01-launch-warning.sh (2)

14-17: Improve clarity of piped warning mechanism.
The expanded comment block clearly explains how warn_if_piped constructs and erases messages on a terminal, which enhances maintainability and developer understanding. Well done.

---

67-67: Verify conditional invocation of warn_if_piped.
The guard [[ -t 0 ]] && warn_if_piped executes the warning only when stdin is a terminal, which may skip it when input is piped. If the intention is to warn on piped input, this condition might be inverted. Please confirm the desired behavior and adjust the condition accordingly.

rootfs/templates/wrapper-body.sh (4)

267-269: Leverage debug_and_run for on-shell-exit hook
Great use of debug_and_run to wrap the ON_SHELL_EXIT hook under verbose mode. This consistently surfaces hook execution when troubleshooting.

---

271-276: Leverage debug_and_run for on-container-exit hook
Wrapping ON_CONTAINER_EXIT in debug_and_run is a clean way to unify logging. Nice improvement to trace container‐exit behavior.

---

328-331: Use debug_and_run to wait for container exit
Calling wait_for_container_exit via debug_and_run maintains consistent debug output. LGTM.

---

430-432: Centralize exec logic with _exec_existing
Replacing the inline docker exec in the use() path with a call to _exec_existing improves maintainability by eliminating duplicate code. Approved.

[coderabbitai]

Actionable comments posted: 0

♻️ Duplicate comments (1)

rootfs/templates/wrapper-body.sh (1)

263-269: Suppress only Docker errors in shell-pid helpers
By calling debug_and_run --noerr docker exec…, stderr redirection is scoped to the Docker command alone, addressing earlier concerns about hiding debug output.

🧹 Nitpick comments (5)

rootfs/templates/wrapper-body.sh (3)

247-261: Introduce debug_and_run for structured logging
Wrapping commands in debug_and_run with pre- and post-logging greatly improves observability. Nit: the indentation of the local status line (two spaces) doesn’t match the surrounding tabs—consider aligning for consistency.

---

378-389: Extract exec logic into _exec_existing helper
Centralizing docker exec invocations and combining interactive flags, env vars, and extra exec args improves modularity. Consider that unquoted ${GEODESIC_DOCKER_EXTRA_EXEC_ARGS} can lead to word-splitting or injection risks—refactoring this into a proper array or validating its contents would harden the script.

---

629-637: Integrate new launch-args into docker run
Logging the use of GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS and passing it unquoted to docker run fulfils the PR’s split-args goal. As with exec args, consider an array-based approach (or at least validation) to avoid subtle parsing issues when users supply complex flags.

Also applies to: 639-642

rootfs/etc/profile.d/_60-register-stray-shells.sh (2)

20-23: Track stray shells on stderr
Converting the yellow warning for stray shells to >&2 ensures it won’t interfere with normal stdout consumption. For consistency with other POSIX changes, you may want to replace [[ $PPID == 0 ]] with [[ $PPID = 0 ]].

---

25-31: Error on unsupported login shell invocation
Great addition of a clear stderr message and exit status for login shells without a TTY or command. To align with the rest of the codebase, switch [[ $$ == 1 ]] to [[ $$ = 1 ]].

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 754cecf and de5bfad.

📒 Files selected for processing (5)

• ReleaseNotes-v4.md (1 hunks)
• docs/environment.md (1 hunks)
• rootfs/etc/profile.d/_60-register-stray-shells.sh (1 hunks)
• rootfs/templates/wrapper-body.sh (10 hunks)
• rootfs/usr/local/bin/boot (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• rootfs/usr/local/bin/boot
• docs/environment.md
• ReleaseNotes-v4.md

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: Nuru
PR: cloudposse/geodesic#961
File: rootfs/templates/wrapper-body.sh:490-490
Timestamp: 2025-01-20T04:32:40.585Z
Learning: In the Geodesic project, GEODESIC_DOCKER_EXTRA_ARGS environment variable is intentionally left unquoted in docker run commands to allow passing multiple space-separated Docker arguments through a single environment variable.

⏰ Context from checks skipped due to timeout of 90000ms (1)

• GitHub Check: build-and-push (debian)

🔇 Additional comments (6)

rootfs/templates/wrapper-body.sh (6)

13-16: Use POSIX‐compliant string comparison
Replacing == with = in the GEODESIC_SHELL check ensures compatibility across more shells.

---

242-244: Redirect debug output to stderr
Switching from echo to printf and sending debug messages to >&2 keeps debug logs off stdout and is more reliable than echo.

---

276-284: Add logging to exit-hook invocations
Using debug_and_run for both ON_SHELL_EXIT and ON_CONTAINER_EXIT hooks ensures any failures or delays are visible.

---

328-342: Enhance run_exit_hooks with debug wrapper
All code paths in run_exit_hooks, including the ONE_SHELL branch and the “no shells” scenario, now use debug_and_run for consistency in logging.

🧰 Tools

🪛 Shellcheck (0.10.0)

[warning] 334-334: Declare and assign separately to avoid masking return values.

(SC2155)

---

[warning] 335-335: Prefer mapfile or read -a to split command output (or quote to avoid splitting).

(SC2207)

---

374-376: Use debug_and_run in fallback wait loop
Wrapping wait_for_container_exit in the debug helper ensures its start and exit status are always logged.

---

397-408: Deprecation flow for old extra-args variable
The deprecation warning and fallback assignment to GEODESIC_DOCKER_EXTRA_LAUNCH_ARGS are clear. Verify whether users of the old GEODESIC_DOCKER_EXTRA_ARGS expect those flags on docker exec as well—currently only launch args are carried forward.