chore(valkey): use Run function

[mdelapenya]

What does this PR do?

Use the Run function in valkey

Why is it important?

Migrate modules to the new API, improving consistency and leveraging the latest testcontainers functionality.

Related issues

• Relates to chore!: use testcontainers.Run function everywhere #3174

[netlify]

✅ Deploy Preview for testcontainers-go ready!

Name	Link
🔨 Latest commit	ab45829
🔍 Latest deploy log	https://app.netlify.com/projects/testcontainers-go/deploys/68e7c397eab0c70008cb6d02
😎 Deploy Preview	https://deploy-preview-3438--testcontainers-go.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Summary by CodeRabbit

• New Features

  • Simplified TLS setup with automatic certificate provisioning and enhanced startup checks.
  • More reliable config-file support and command argument handling for custom setups.

• Bug Fixes

  • Consistent processing of log level and snapshotting options.
  • Clearer, more actionable errors when applying options.
  • Improved readiness checks under TLS.

• Refactor

  • Consolidated startup options to improve stability and maintainability.

Walkthrough

Refactors modules/valkey/valkey.go to assemble container options (moduleOpts) and call testcontainers.Run. Moves TLS cert generation and file/cmd injection into options, adjusts wait strategies, updates argument helpers, and wraps option/application errors consistently.

Changes

Cohort / File(s)	Summary
Run flow & option assembly modules/valkey/valkey.go	Replaces manual GenericContainerRequest mutation with building a moduleOpts slice (WithExposedPorts, WithWaitStrategy, etc.) and invoking testcontainers.Run(ctx, img, append(moduleOpts, opts...)...). Container creation error wrapped as "run valkey: %w".
TLS file & command handling modules/valkey/valkey.go	Generates TLS certs at runtime, injects them via testcontainers.WithFiles, augments command args via WithCmd/WithCmdArgs, and populates tlsConfig; wait strategy extended for TLS readiness.
Config, log level, snapshot helpers modules/valkey/valkey.go	WithConfigFile switched to WithFiles/WithCmd; WithLogLevel and WithSnapshotting now return processValkeyServerArgs result.
Argument processing & error wrapping modules/valkey/valkey.go	processValkeyServerArgs now returns error and constructs commands via WithCmd, handling empty/pre-populated Cmd and server prefixing. Option application errors wrapped as "apply option: %w".

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant Caller
  participant Valkey as Valkey Module
  participant TLS as TLS Helper
  participant TC as testcontainers

  Caller->>Valkey: Run(ctx, img, opts...)
  Valkey->>Valkey: Build moduleOpts (WithExposedPorts, WithWaitStrategy, etc.)
  alt TLS enabled
    Valkey->>TLS: generate certs/keys
    TLS-->>Valkey: cert files & tlsConfig
    Valkey->>Valkey: append WithFiles + WithCmd/WithCmdArgs
    Valkey->>Valkey: extend wait strategy for TLS
  end
  Valkey->>TC: Run(ctx, img, moduleOpts..., opts...)
  TC-->>Valkey: container / error
  alt success
    Valkey-->>Caller: container handle + tlsConfig
  else failure
    Valkey-->>Caller: error ("run valkey: %w")
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• chore(qdrant): use Run function #3427 — Similar migration to option-based moduleOpts and testcontainers.Run, replacing GenericContainerRequest mutation.
• chore(pulsar): use Run function #3426 — Refactors another module to stop mutating ContainerRequest and use With* option helpers with testcontainers.Run.
• chore(scylladb): use Run function #3433 — Applies the same pattern: move TLS/file/cmd/wait logic into With* options and call testcontainers.Run.

Suggested reviewers

• stevenh

Poem

I nibble args and stack them neat,
TLS carrots tucked for every feat.
Files, flags, and waits in tune,
I hop until the logs say "boom!"
Valkey runs — my whiskers beat. 🥕🐇

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title succinctly describes the primary change of migrating the valkey module to use the Run function, clearly matching the core update in the changeset and following a conventional commit style without extraneous detail.
Description Check	✅ Passed	The description clearly outlines that the PR switches valkey to use the Run function, explains its importance for API consistency, and references the related upstream pull request, making it directly relevant to the actual changes in the code.
Docstring Coverage	✅ Passed	Docstring coverage is 80.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

modules/valkey/valkey.go (1)

160-163: Config file mode should be non-executable.

0755 isn’t necessary for a config file; prefer 0644.

Apply this diff:

-		cf := testcontainers.ContainerFile{
+		cf := testcontainers.ContainerFile{
 			HostFilePath:      configFile,
 			ContainerFilePath: defaultConfigFile,
-			FileMode:          0o755,
+			FileMode:          0o644,
 		}

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between daabf50 and b85c38c.

📒 Files selected for processing (1)

• modules/valkey/valkey.go (5 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

modules/valkey/valkey.go (3)

modules/valkey/options.go (1)

• Option (22-22)

options.go (7)

• ContainerCustomizer (22-24)
• WithExposedPorts (454-459)
• WithCmdArgs (470-475)
• WithFiles (524-529)
• WithWaitStrategy (366-368)
• WithCmd (462-467)
• CustomizeRequestOption (28-28)

container.go (1)

• ContainerFile (110-115)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: test (1.25.x, modules/valkey) / test: modules/valkey/1.25.x
• GitHub Check: test (1.24.x, modules/valkey) / test: modules/valkey/1.24.x
• GitHub Check: Analyze (go)

🔇 Additional comments (8)

modules/valkey/valkey.go (8)

74-76: Good default: expose Valkey port via WithExposedPorts.

Order (module defaults first, user overrides later) is correct.

---

133-134: Good: wait strategies applied via WithWaitStrategy.

Consolidated wait configuration aligns with the Run flow.

---

141-143: Helpful error wrapping.

Returning the (possibly) initialized container along with wrapped error is useful for diagnostics/cleanup.

---

165-176: WithConfigFile correctly preserves previously added args.

Prepending valkey-server and the config file while retaining any existing args (e.g., TLS flags) is the right behavior.

Consider adding an integration test that combines WithConfigFile + TLS to assert the final command resembles:
valkey-server /usr/local/valkey.conf --tls-port 6379 --port 0 --tls-cert-file ...

---

183-184: Arg processing unified through processValkeyServerArgs.

Keeps log/snapshot flags consistent regardless of prior command configuration.

Also applies to: 200-201

---

204-217: Confirm valkey-server image ENTRYPOINT
I couldn’t find a Dockerfile for the valkey-server image in this repo—please verify the container’s ENTRYPOINT/CMD behavior (e.g. that it execs valkey-server when invoked with args) to ensure WithCmd-only flows remain valid.

---

83-86: Remove duplicate port wait, use TrimSuffix, and tighten TLS key perms

• Remove the second wait.ForListeningPort(valkeyPort)… in the TLS block (line 85).
• Replace strings.Replace(valkeyPort, "/tcp", "", 1) with strings.TrimSuffix(valkeyPort, "/tcp") (line 96).
• Optionally set server.key FileMode to 0o640 instead of 0o644 (currently at line 121) if ownership permits; verify that WithFiles creates /tls with the correct directory, permissions, and ownership.

---

64-72: Option filtering is unnecessary Option.Customize is a NOOP, so forwarding Module Options into testcontainers.Run has no effect and filtering them only adds complexity.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

modules/valkey/valkey.go (4)

78-86: Remove redundant port wait and avoid 10s per-strategy timeout (flaky in CI).

• Duplicate ForListeningPort in TLS branch (same port) is unnecessary.
• 10s per-strategy timeout is tight; rely on the global 60s deadline or increase.

Apply:

-	waitStrategies := []wait.Strategy{
-		wait.ForListeningPort(valkeyPort).WithStartupTimeout(time.Second * 10),
-		wait.ForLog("* Ready to accept connections"),
-	}
+	waitStrategies := []wait.Strategy{
+		wait.ForListeningPort(valkeyPort),
+		wait.ForLog("* Ready to accept connections"),
+	}
@@
-		// wait for the TLS port to be available
-		waitStrategies = append(waitStrategies, wait.ForListeningPort(valkeyPort).WithStartupTimeout(time.Second*10))
+		// TLS uses the same port; base port wait above suffices

---

105-107: Prefer using processValkeyServerArgs for TLS args (don’t rely on image entrypoint).

If Cmd is empty, WithCmdArgs relies on the image’s ENTRYPOINT/CMD. Using the existing helper makes this robust and consistent with other options.

-			testcontainers.WithCmdArgs(cmds...),
+			testcontainers.CustomizeRequestOption(func(req *testcontainers.GenericContainerRequest) error {
+				return processValkeyServerArgs(req, cmds)
+			}),

---

141-143: Include image in the error for easier debugging.

-		return c, fmt.Errorf("run valkey: %w", err)
+		return c, fmt.Errorf("run valkey (%s): %w", img, err)

---

154-158: Config file doesn’t need execute bit; use 0644.

-			FileMode:          0o755,
+			FileMode:          0o644,

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b85c38c and ab45829.

📒 Files selected for processing (1)

• modules/valkey/valkey.go (5 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

modules/valkey/valkey.go (3)

modules/valkey/options.go (1)

• Option (22-22)

options.go (7)

• ContainerCustomizer (22-24)
• WithExposedPorts (454-459)
• WithCmdArgs (470-475)
• WithFiles (524-529)
• WithWaitStrategy (366-368)
• WithCmd (462-467)
• CustomizeRequestOption (28-28)

container.go (1)

• ContainerFile (110-115)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: test (1.24.x, modules/valkey) / test: modules/valkey/1.24.x
• GitHub Check: Analyze (go)

🔇 Additional comments (1)

modules/valkey/valkey.go (1)

64-73: Option implements ContainerCustomizer; no action required Option’s Customize method satisfies testcontainers.ContainerCustomizer and ensures all custom options are applied.

Likely an incorrect or invalid review comment.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

server.key should be 0600 (private key).

Current 0644 makes the key world-readable in the container. Tighten permissions.

-				testcontainers.ContainerFile{
-					Reader:            bytes.NewReader(serverCert.KeyBytes),
-					ContainerFilePath: "/tls/server.key",
-					FileMode:          0o644,
-				}),
+				testcontainers.ContainerFile{
+					Reader:            bytes.NewReader(serverCert.KeyBytes),
+					ContainerFilePath: "/tls/server.key",
+					FileMode:          0o600,
+				}),

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	testcontainers.ContainerFile{
	Reader: bytes.NewReader(serverCert.KeyBytes),
	ContainerFilePath: "/tls/server.key",
	FileMode: 0o644,
	}),
	testcontainers.ContainerFile{
	Reader: bytes.NewReader(serverCert.KeyBytes),
	ContainerFilePath: "/tls/server.key",
	FileMode: 0o600,
	}),

🤖 Prompt for AI Agents

In modules/valkey/valkey.go around lines 118 to 122, the server private key file
is being written into the container with mode 0644 which makes it
world-readable; change the FileMode for "/tls/server.key" to 0600 (use Go octal
0o600) so the key is only readable/writable by the owner. Ensure the value is
the correct octal literal and rebuild/tests to verify permissions.