Skip to content

push initial setup #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 48 commits into
base: main
Choose a base branch
from
Open

push initial setup #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
2c9c653
push initial setup
nishant-sharechat Aug 11, 2025
9a6ac0a
update
nishant-sharechat Aug 11, 2025
0a3047a
update
nishant-sharechat Aug 11, 2025
f719fe2
update
nishant-sharechat Aug 11, 2025
f9b9fd5
update
nishant-sharechat Aug 11, 2025
bffab63
update
nishant-sharechat Aug 11, 2025
802a4db
update
nishant-sharechat Aug 11, 2025
352d9c8
update
nishant-sharechat Aug 11, 2025
6827171
update
nishant-sharechat Aug 11, 2025
37d36df
update
nishant-sharechat Aug 11, 2025
940eef7
update
nishant-sharechat Aug 11, 2025
e2db365
update
nishant-sharechat Aug 11, 2025
f9f7b64
hyper dx changes
Aug 20, 2025
9d2e3b1
lint solve
Aug 20, 2025
54b8ca6
lint solve
Aug 20, 2025
45bb4a7
lint solve
Aug 20, 2025
e4ac2e9
lint solve
Aug 20, 2025
3e53988
filters options issue solve
Aug 21, 2025
f2594f5
filters and limit increase
Aug 22, 2025
6a74e91
Lint solve
Aug 22, 2025
e7ce5ac
Lint solve
Aug 22, 2025
6929ce7
search filter
Aug 22, 2025
3505af0
Lint solve
Aug 22, 2025
9e725f1
filter limit and name change
Aug 25, 2025
47ea34b
Lint solve
Aug 25, 2025
61f4a85
Lint solve
Aug 25, 2025
c6001f1
update filter keys
nishant-sharechat Aug 25, 2025
c94ec37
time and latency issue
Aug 26, 2025
c67547a
Lint solve
Aug 26, 2025
3528824
sorting the sources and filters
Aug 26, 2025
15ed95d
Lint solve
Aug 26, 2025
f1e5697
Lint solve
Aug 26, 2025
7b57907
Context for sources
Aug 26, 2025
2bd3055
filter on search and max rows to read
Sep 1, 2025
e3bbf04
lint solve
Sep 1, 2025
f6b5dc4
env variable added, full expand and custom max_rows_to_read
Sep 2, 2025
3b35709
lint error
Sep 2, 2025
bf65fa2
lint error
Sep 2, 2025
d1f0bf5
add to filter button removed, filter set
Sep 2, 2025
2f5a492
filters caching removed
Sep 3, 2025
5a85c23
Default tab changed to Pod from all
Sep 3, 2025
8fb3a76
Lint solve
Sep 3, 2025
55b1c92
Chart data liimit and page size increased
Sep 3, 2025
a473009
env variable for page limit
Sep 3, 2025
c53d7ef
Lint issue
Sep 4, 2025
3c03455
Lint issue
Sep 4, 2025
abf1ad3
Lint issue
Sep 4, 2025
6d84559
Lint issue
Sep 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
94 changes: 94 additions & 0 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
# HyperDX API and App Server Dockerfile
# This Dockerfile creates a single image with both the API and App servers

ARG NODE_VERSION=22.16.0

# Base stage with Node.js and dependencies
FROM node:${NODE_VERSION}-alpine AS base

WORKDIR /app

# Copy workspace configuration files
COPY .yarn ./.yarn
COPY .yarnrc.yml yarn.lock package.json nx.json .prettierrc .prettierignore ./

# Copy package.json files for all packages
COPY ./packages/common-utils/package.json ./packages/common-utils/
COPY ./packages/api/package.json ./packages/api/
COPY ./packages/app/package.json ./packages/app/

# Install dependencies
RUN apk add --no-cache libc6-compat
RUN yarn install --mode=skip-build && yarn cache clean

# Builder stage
FROM base AS builder

WORKDIR /app

# Copy source code for all packages
COPY ./packages/common-utils ./packages/common-utils
COPY ./packages/api ./packages/api
COPY ./packages/app ./packages/app

# Set build environment variables
ENV NEXT_TELEMETRY_DISABLED 1
ENV NEXT_PUBLIC_IS_LOCAL_MODE false
ENV NX_DAEMON=false

# Build packages in dependency order
RUN yarn workspace @hyperdx/common-utils build
RUN yarn workspace @hyperdx/api build
RUN yarn workspace @hyperdx/app build

# Production stage
FROM node:${NODE_VERSION}-alpine AS production

ARG CODE_VERSION=2.1.1

ENV CODE_VERSION=2.1.1
Comment on lines +47 to +49
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix CODE_VERSION environment variable

The ENV CODE_VERSION=2.1.1 hardcodes the value and overrides the ARG, making the build argument ineffective.

 ARG CODE_VERSION=2.1.1
 
-ENV CODE_VERSION=2.1.1
+ENV CODE_VERSION=${CODE_VERSION}
🤖 Prompt for AI Agents 
In Dockerfile around lines 47 to 49, the ENV line hardcodes CODE_VERSION and
overrides the ARG; replace the hardcoded ENV with one that references the build
ARG (e.g. ENV CODE_VERSION=${CODE_VERSION}) or remove the ENV entirely if you
only need the ARG during build time, ensuring the ARG value is propagated
correctly to the environment when required.

ENV NODE_ENV production

# Install concurrently for running multiple processes
RUN npm install -g [email protected]

# Create non-root user
RUN addgroup -g 1001 -S nodejs
RUN adduser -S nodejs -u 1001

USER nodejs

WORKDIR /app

# Copy built API
COPY --chown=nodejs:nodejs --from=builder /app/packages/api/dist ./packages/api/dist
COPY --chown=nodejs:nodejs --from=builder /app/packages/api/package.json ./packages/api/package.json

# Copy built App (Next.js)
COPY --chown=nodejs:nodejs --from=builder /app/packages/app/.next ./packages/app/.next
COPY --chown=nodejs:nodejs --from=builder /app/packages/app/public ./packages/app/public
COPY --chown=nodejs:nodejs --from=builder /app/packages/app/package.json ./packages/app/package.json
COPY --chown=nodejs:nodejs --from=builder /app/packages/app/next.config.js ./packages/app/next.config.js

# Copy built common-utils
COPY --chown=nodejs:nodejs --from=builder /app/packages/common-utils/dist ./packages/common-utils/dist
COPY --chown=nodejs:nodejs --from=builder /app/packages/common-utils/package.json ./packages/common-utils/package.json

# Copy node_modules for runtime dependencies
COPY --chown=nodejs:nodejs --from=builder /app/node_modules ./node_modules
COPY --chown=nodejs:nodejs --from=builder /app/packages/api/node_modules ./packages/api/node_modules
COPY --chown=nodejs:nodejs --from=builder /app/packages/app/node_modules ./packages/app/node_modules
COPY --chown=nodejs:nodejs --from=builder /app/packages/common-utils/node_modules ./packages/common-utils/node_modules

# Copy and set up entry script
COPY --chown=nodejs:nodejs docker/hyperdx/entry.prod.sh /etc/local/entry.sh
RUN chmod +x /etc/local/entry.sh

# Expose ports
EXPOSE 8000 8080

# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
Comment on lines +91 to +92
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Ensure curl is available for health check

The HEALTHCHECK uses curl but it's not explicitly installed in the production stage. Alpine images may not include curl by default.

Add curl installation in the production stage:

 FROM node:${NODE_VERSION}-alpine AS production
 
 ARG CODE_VERSION=2.1.1
 
+# Install curl for healthcheck
+RUN apk add --no-cache curl
+
 ENV CODE_VERSION=${CODE_VERSION}
 ENV NODE_ENV production
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost:8000/health || exit 1
FROM node:${NODE_VERSION}-alpine AS production
ARG CODE_VERSION=2.1.1
# Install curl for healthcheck
RUN apk add --no-cache curl
ENV CODE_VERSION=${CODE_VERSION}
ENV NODE_ENV production
🤖 Prompt for AI Agents 
In Dockerfile around lines 91-92, the HEALTHCHECK uses curl but the production
stage doesn't install it; add a package install for curl in that stage before
the HEALTHCHECK. If the base image is Alpine add a line like "RUN apk add
--no-cache curl", if it's Debian/Ubuntu add "RUN apt-get update && apt-get
install -y curl && rm -rf /var/lib/apt/lists/*", placing it in the production
stage so curl is available for the HEALTHCHECK command.


ENTRYPOINT ["sh", "/etc/local/entry.sh"]
87 changes: 87 additions & 0 deletions Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
pipeline {
agent {
kubernetes {
label 'hyperdx'
yaml """
apiVersion: v1
kind: Pod
spec:
containers:
- name: dind
image: sc-mum-armory.platform.internal/devops/dind:v2
securityContext:
privileged: true
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_TLS_CERTDIR
value: ""
Comment on lines +10 to +18
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Security concern: Privileged container without TLS

The dind container runs with privileged: true and DOCKER_TLS_CERTDIR: "" which disables TLS encryption for the Docker daemon. This exposes the Docker API without encryption.

Consider enabling TLS for the Docker daemon or document why this security trade-off is acceptable in your environment.

🤖 Prompt for AI Agents 
In the Jenkinsfile, around lines 10-18, the dind container is running in
privileged mode without TLS encryption enabled for the Docker daemon. This poses
a security concern as it exposes the Docker API without encryption. To address
this issue, either enable TLS encryption for the Docker daemon or document the
rationale for accepting this security trade-off in your environment.

volumeMounts:
- name: dind-storage
mountPath: /var/lib/docker
readinessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 20
- name: builder
image: sc-mum-armory.platform.internal/devops/builder-image-armory
command:
- sleep
- infinity
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_BUILDKIT
value: "0"
volumeMounts:
- name: jenkins-sa
mountPath: /root/.gcp/
volumes:
Comment on lines +9 to +45
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Add resource limits for containers

The Pod specification lacks resource limits and requests for both containers, which could lead to resource contention and pod instability.

Add resource limits to prevent unbounded resource consumption:

 spec:
   containers:
   - name: dind
     image: sc-mum-armory.platform.internal/devops/dind:v2
+    resources:
+      requests:
+        memory: "512Mi"
+        cpu: "500m"
+      limits:
+        memory: "2Gi"
+        cpu: "2000m"
     securityContext:
       privileged: true
   - name: builder
     image: sc-mum-armory.platform.internal/devops/builder-image-armory
+    resources:
+      requests:
+        memory: "1Gi"
+        cpu: "1000m"
+      limits:
+        memory: "4Gi"
+        cpu: "4000m"
     command:
     - sleep
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
containers:
- name: dind
image: sc-mum-armory.platform.internal/devops/dind:v2
securityContext:
privileged: true
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_TLS_CERTDIR
value: ""
volumeMounts:
- name: dind-storage
mountPath: /var/lib/docker
readinessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 20
- name: builder
image: sc-mum-armory.platform.internal/devops/builder-image-armory
command:
- sleep
- infinity
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_BUILDKIT
value: "0"
volumeMounts:
- name: jenkins-sa
mountPath: /root/.gcp/
volumes:
containers:
- name: dind
image: sc-mum-armory.platform.internal/devops/dind:v2
resources:
requests:
memory: "512Mi"
cpu: "500m"
limits:
memory: "2Gi"
cpu: "2000m"
securityContext:
privileged: true
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_TLS_CERTDIR
value: ""
volumeMounts:
- name: dind-storage
mountPath: /var/lib/docker
readinessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 10
livenessProbe:
tcpSocket:
port: 2375
initialDelaySeconds: 30
periodSeconds: 20
- name: builder
image: sc-mum-armory.platform.internal/devops/builder-image-armory
resources:
requests:
memory: "1Gi"
cpu: "1000m"
limits:
memory: "4Gi"
cpu: "4000m"
command:
- sleep
- infinity
env:
- name: DOCKER_HOST
value: tcp://localhost:2375
- name: DOCKER_BUILDKIT
value: "0"
volumeMounts:
- name: jenkins-sa
mountPath: /root/.gcp/
volumes:
🤖 Prompt for AI Agents 
In Jenkinsfile around lines 9 to 45, both the dind and builder container specs
are missing resource requests/limits; add a resources block under each container
with requests and limits for cpu and memory (and optionally ephemeral-storage)
to prevent unbounded consumption; set sensible values (e.g. requests smaller
than limits) appropriate for CI workloads and your cluster, validate units (m
for millicpu, Mi/Gi for memory), and adjust values after load testing or per
team policy.

- name: dind-storage
emptyDir: {}
- name: jenkins-sa
secret:
secretName: jenkins-sa
"""
}
}

environment {
sc_regions="mumbai"
GITHUB_TOKEN = credentials('github-access')
app="hyperdx"
buildarg_DEPLOYMENT_ID="hyperdx-$GIT_COMMIT"
buildarg_GITHUB_TOKEN="${GITHUB_TOKEN}"
}

stages {
stage('build') {
steps {
container('builder') {
sh "armory build"
}
}
}

stage('push') {
when {
anyOf {
branch 'main'
branch 'staging'
branch 'feature/*'
}
}
steps {
container('builder') {
sh "armory push"
}
}
}
}
}
18 changes: 15 additions & 3 deletions docker/hyperdx/entry.prod.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,13 +8,25 @@ export OPAMP_PORT=${HYPERDX_OPAMP_PORT:-4320}
export IS_LOCAL_APP_MODE="REQUIRED_AUTH"

echo ""
echo "Starting HyperDX services..."
echo "Visit the HyperDX UI at $FRONTEND_URL"
echo ""

# Check if required files exist
if [ ! -f "./packages/api/dist/index.js" ]; then
echo "ERROR: API build not found at ./packages/api/dist/index.js"
exit 1
fi

if [ ! -d "./packages/app/.next" ]; then
echo "ERROR: App build not found at ./packages/app/.next"
exit 1
fi

# Use concurrently to run both the API and App servers
npx concurrently \
"--kill-others-on-fail" \
"--names=API,APP,ALERT-TASK" \
"PORT=${HYPERDX_API_PORT:-8000} HYPERDX_APP_PORT=${HYPERDX_APP_PORT:-8080} node -r ./packages/api/tracing ./packages/api/index" \
"cd ./packages/app/packages/app && HOSTNAME='0.0.0.0' HYPERDX_API_PORT=${HYPERDX_API_PORT:-8000} PORT=${HYPERDX_APP_PORT:-8080} node server.js" \
"node -r ./packages/api/tracing ./packages/api/tasks/index check-alerts"
"PORT=${HYPERDX_API_PORT:-8000} HYPERDX_APP_PORT=${HYPERDX_APP_PORT:-8080} node -r ./packages/api/dist/tracing.js ./packages/api/dist/index.js" \
"cd ./packages/app && HOSTNAME='0.0.0.0' HYPERDX_API_PORT=${HYPERDX_API_PORT:-8000} PORT=${HYPERDX_APP_PORT:-8080} yarn start" \
"node -r ./packages/api/dist/tracing.js ./packages/api/dist/tasks/index.js check-alerts"
1 change: 1 addition & 0 deletions packages/app/src/AutocompleteInput.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -284,6 +284,7 @@ export default function AutocompleteInput({
if (queryHistoryType && value) {
setQueryHistory(value);
}
setIsInputDropdownOpen(false); // Close suggestion box on Enter
onSubmit?.();
}
}
Expand Down
Loading