From 4431a1a48486e2049c36873fe9e606468e639f98 Mon Sep 17 00:00:00 2001 From: Martin Yankov <23098926+Lutherwaves@users.noreply.github.com> Date: Sat, 20 Dec 2025 04:59:08 +0200 Subject: [PATCH 1/2] fix(helm): add custom egress rules to realtime network policy (#2481) The realtime service network policy was missing the custom egress rules section that allows configuration of additional egress rules via values.yaml. This caused the realtime pods to be unable to connect to external databases (e.g., PostgreSQL on port 5432) when using external database configurations. The app network policy already had this section, but the realtime network policy was missing it, creating an inconsistency and preventing the realtime service from accessing external databases configured via networkPolicy.egress values. This fix adds the same custom egress rules template section to the realtime network policy, matching the app network policy behavior and allowing users to configure database connectivity via values.yaml. --- helm/sim/templates/networkpolicy.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/helm/sim/templates/networkpolicy.yaml b/helm/sim/templates/networkpolicy.yaml index deac5a5dba..7ef8697417 100644 --- a/helm/sim/templates/networkpolicy.yaml +++ b/helm/sim/templates/networkpolicy.yaml @@ -141,6 +141,10 @@ spec: ports: - protocol: TCP port: 443 + # Allow custom egress rules + {{- with .Values.networkPolicy.egress }} + {{- toYaml . | nindent 2 }} + {{- end }} {{- end }} {{- if .Values.postgresql.enabled }} From efb507f49599ca64110372a2d65ba445f224295c Mon Sep 17 00:00:00 2001 From: ppippi-dev Date: Tue, 30 Dec 2025 13:52:06 +0900 Subject: [PATCH 2/2] fix(docker): use hoisted linker for realtime Dockerfile Add --linker=hoisted to bun install to use flat node_modules layout. Fixes 'Cannot find module @sim/logger' error in Docker builds. The isolated linker mode (default for workspaces in Bun 1.3+) stores packages in node_modules/.bun/ with symlinks, which don't survive Docker COPY between stages. Using hoisted mode ensures packages are in the traditional flat layout. --- docker/realtime.Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docker/realtime.Dockerfile b/docker/realtime.Dockerfile index d5ebaffec5..01994521e0 100644 --- a/docker/realtime.Dockerfile +++ b/docker/realtime.Dockerfile @@ -18,9 +18,10 @@ COPY packages/testing/package.json ./packages/testing/package.json COPY packages/logger/package.json ./packages/logger/package.json COPY packages/tsconfig/package.json ./packages/tsconfig/package.json -# Install dependencies with cache mount for faster builds +# Install dependencies with hoisted layout for Docker compatibility +# Using --linker=hoisted to avoid .bun directory symlinks that don't copy between stages RUN --mount=type=cache,id=bun-cache,target=/root/.bun/install/cache \ - bun install --omit=dev --ignore-scripts + bun install --omit=dev --ignore-scripts --linker=hoisted # ======================================== # Builder Stage: Prepare source code