Tigase Forge
Dashboards
Projects
Global Views
Code Search
sztab
Issues
List
Boards
Iterations
Builds
Statistics
Child Projects
OneDev 11.9.7
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects sztab Issues SZ-95
Frontend build metadata injection inconsistent in production image (SZ-95)
rk@tigase.net opened 1 day ago

Summary

The frontend "About" dialog is expected to display accurate build metadata (e.g. version, commit hash, build timestamp, environment). However, in the production Docker image, build metadata injection is inconsistent or incorrect.

Observed behavior suggests that:

  • Development mode (sztab --dev) shows expected metadata.
  • Production Docker image sometimes shows:
    • Stale version
    • Missing commit hash
    • Default/fallback values
    • Or values baked from a previous build
  • Metadata may not reflect the actual Git revision of the backend/frontend currently deployed.

This creates confusion during testing, debugging, and release validation — especially when verifying that a given deployment corresponds to a specific commit or release tag.

Expected Behavior

The About dialog should reliably display:

  • Application version (e.g. 1.9.0)
  • Git commit SHA (short)
  • Build timestamp
  • Possibly branch name (optional)
  • Environment (dev / prod)

These values must reflect the exact source revision used to build the production image.

Impact

  • Release validation ambiguity
  • Harder debugging across environments
  • Loss of traceability between image and Git revision
  • Risk of shipping wrong build unnoticed

For a system like Sztab where versioned releases (e.g. 1.9.0) are meaningful, this is a correctness issue.

Acceptance Criteria

  • Production Docker image displays correct:
    • Version
    • Commit SHA
    • Build timestamp
  • Rebuilding from a new commit changes metadata deterministically.
  • No manual editing required to update version.
  • Clean docker build --no-cache produces correct metadata.
  • Behavior consistent across:
    • Local Docker Compose
    • CI builds
    • Production deployment

Risk Assessment

Low risk. Changes isolated to build process and About dialog metadata display. No impact to runtime business logic.

Notes

This defect is not cosmetic. Accurate build metadata is critical for:

  • Release management
  • Debugging
  • Operational traceability
  • Confidence in production deployment

It should be treated as a correctness and traceability issue.

  • rk@tigase.net commented 1 day ago

    Suspected Root Causes

    Possible causes include:

    • Metadata injected only in dev build, not production build
    • Build args not passed through Dockerfile correctly
    • Multi-stage Docker build not propagating ARG → ENV
    • Frontend build using static env file that is not updated
    • CI pipeline not injecting correct values
    • Docker layer caching retaining stale metadata
    • npm build not receiving runtime environment variables
  • rk@tigase.net commented 1 day ago

    Time Estimate

    TaskHours
    Investigate current injection mechanism1.5h
    Trace Docker ARG / ENV propagation1h
    Fix Dockerfile + frontend build integration1.5h
    Implement deterministic metadata generation1h
    Validation + rebuild testing1h
    Documentation + issue notes0.5h

    Total Estimate: 6.5 hours

    Round to: 6–8 hours

    Detailed Work Log

    Phase 1 – Investigation (1.5h)

    • Inspect frontend About dialog implementation.
    • Identify how version/commit metadata is sourced.
    • Check usage of:
      • import.meta.env
      • .env.production
      • Build-time substitution
      • Hardcoded constants
    • Compare dev vs production behavior.

    Phase 2 – Docker Build Trace (1h)

    • Review Dockerfile:
      • Check ARG VERSION
      • Check ARG GIT_COMMIT
      • Confirm values are passed to frontend build stage.
    • Verify whether:
      • Build args are injected via --build-arg
      • CI passes commit SHA.
    • Inspect final production image:
      • Confirm embedded static JS bundle contains correct values.

    Phase 3 – Implementation Fix (1.5h)

    • Ensure:
      • Git commit SHA derived via git rev-parse --short HEAD
      • Version derived from tag or project version.
    • Inject into frontend build deterministically.
    • Avoid runtime-only env dependency.
    • Update Dockerfile to:
      • Explicitly propagate ARG → ENV → frontend build.
    • Ensure no stale layer caching issues.

    Phase 4 – Deterministic Validation (1h)

    • Build from commit A → verify About dialog.
    • Make dummy commit B → rebuild → verify update.
    • Build with --no-cache → confirm correctness.
    • Confirm behavior inside full Docker Compose stack.

    Phase 5 – Documentation (0.5h)

    • Document:
      • Metadata injection contract.
      • Required Docker build args.
      • Expected CI variables.
    • Add comment in Dockerfile explaining metadata flow.
  • rk@tigase.net commented 1 day ago

    Proposed Scope of Fix

    1. Audit current frontend metadata injection mechanism.
    2. Trace build metadata flow:
      • Git repo → Docker build args → frontend build → runtime bundle.
    3. Ensure:
      • Deterministic injection in production image.
      • No dependency on runtime environment variables (unless intentional).
      • Metadata is derived from actual build commit.
    4. Validate via:
      • Clean build without cache.
      • Rebuild from different commit.
      • Confirm About dialog reflects change.
    5. Document build metadata contract.
issue 1 of 1
Type
Bug
Priority
Normal
Assignee
rk@tigase.net
Version
1.9.1
Sprints
n/a
Customer
n/a
Issue Votes (0)
Login to vote
Watchers (3)
Reference
SZ-95
Please wait...
Page is in error, reload to recover