Conversation
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughAdds a Docker-based PostgreSQL read-replica setup (compose + init/config/scripts), removes an older compose file, updates CI to reference the new compose path, adjusts VSCode Java launch configurations, forces JVM timezone to UTC at startup, and appends UTC params to datasource JDBC URLs. Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant CI as CI
participant DC as Docker Compose
participant M as postgresql-master
participant S as postgresql-slave
participant PG as pgAdmin4
participant App as Spring Boot App
CI->>DC: docker compose -f docker/docker-compose.yml up -d postgresql-master postgresql-slave
DC->>M: start postgres:17 (mount init-master.sql & configure-master.sh)
DC->>PG: start pgAdmin4
DC->>S: start postgres:17 (entrypoint /setup-slave.sh)
rect rgba(220,240,255,0.5)
M->>M: run init SQL (create repl_user) and apply master config (WAL/replication)
end
rect rgba(255,245,220,0.5)
S->>M: wait until master healthy
alt PGDATA empty
S->>M: pg_basebackup using repl_user -> populate PGDATA
S->>S: append standby settings, set perms
else PGDATA exists
S->>S: ensure ownership & standby settings
end
S->>S: start PostgreSQL in standby mode
end
App->>M: connect primary JDBC (with UTC params)
App->>S: connect replica JDBC (with UTC params)
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Poem
🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 13
🧹 Nitpick comments (13)
jpa/boot-read-replica-postgresql/src/main/java/com/example/demo/readreplica/ReadReplicaApplication.java (1)
11-13: Set timezone via JVM args; avoid runtime System.setProperty.Setting user.timezone at runtime is brittle. Keep TimeZone.setDefault(...) or pass -Duser.timezone=UTC in launch/CI. Remove the System.setProperty line.
- System.setProperty("user.timezone", "UTC");jpa/boot-read-replica-postgresql/src/main/resources/application.yml (1)
23-23: Normalize Hikari property naming.Use either pool-name or poolName consistently. Spring’s binder handles both, but consistency helps.
- poolName: replicaHikariPool + pool-name: replicaHikariPooljpa/boot-read-replica-postgresql/docker/configure-master.sh (2)
2-2: Harden script options.Use -euo pipefail for safer bash.
-set -e +set -euo pipefail
10-15: Optional: move standby-only settings to the replica.hot_standby and hot_standby_feedback are only effective on standbys. Keep here for simplicity, but ideally set them in the replica’s config.
jpa/boot-read-replica-postgresql/docker/init-master.sql (1)
10-18: Tighten comments; actual pg_hba changes are done in shell script.Simplify to avoid confusion.
--- Update pg_hba.conf to allow replication connections --- This will be added to the end of pg_hba.conf by PostgreSQL init process -DO $$ -BEGIN - -- Add replication entry to pg_hba.conf - -- Note: The official postgres image handles pg_hba.conf configuration - -- The replication connection will be allowed via the default settings - RAISE NOTICE 'Replication user created successfully'; -END $$; +DO $$ +BEGIN + RAISE NOTICE 'Replication user created successfully'; +END $$;.vscode/launch.json (1)
296-305: Add UTC JVM arg for consistency with runtime timezone policy.This keeps dev runs aligned without relying on in-code System.setProperty.
{ "type": "java", "name": "Spring Boot-ReadReplicaApplication<boot-read-replica-postgresql>", "request": "launch", "cwd": "${workspaceFolder}", "mainClass": "com.example.demo.readreplica.ReadReplicaApplication", "projectName": "boot-read-replica-postgresql", "args": "", - "envFile": "${workspaceFolder}/.env" + "envFile": "${workspaceFolder}/.env", + "vmArgs": "-Duser.timezone=UTC" }jpa/boot-read-replica-postgresql/docker/setup-slave.sh (3)
2-2: Stricter bash safety flags.-set -e +set -Eeuo pipefail
8-14: Parameterize DB name and add a connect timeout.Hardcoding
my_databasecan fail if renamed. Default to${POSTGRES_DB:-postgres}and ensure quick retries.-echo "Waiting for master to be ready..." -until PGPASSWORD="$POSTGRES_PASSWORD" psql -h "$POSTGRES_MASTER_HOST" -p "$POSTGRES_MASTER_PORT" -U "$POSTGRES_USER" -d "my_database" -c '\l' > /dev/null 2>&1 +echo "Waiting for master to be ready..." +export PGCONNECT_TIMEOUT=${PGCONNECT_TIMEOUT:-5} +DB_TO_CHECK="${POSTGRES_DB:-postgres}" +until PGPASSWORD="$POSTGRES_PASSWORD" psql -h "$POSTGRES_MASTER_HOST" -p "$POSTGRES_MASTER_PORT" -U "$POSTGRES_USER" -d "$DB_TO_CHECK" -c '\l' > /dev/null 2>&1 do echo "Waiting for master database..." sleep 3 done
41-45: Avoid mixing config-file edits with -c flags (consistency).You already append
hot_standbysettings; relying on postgresql.conf in both branches avoids surprises.Apply the earlier
-Dfix and consider removing the-coverrides in Line 22 for consistency.jpa/boot-read-replica-postgresql/docker/docker-compose.yml (4)
25-25: Fix trailing whitespace (yamllint).
9-10: Mount init scripts read-only.Avoid accidental in-container edits.
- - './init-master.sql:/docker-entrypoint-initdb.d/01-init-master.sql' - - './configure-master.sh:/docker-entrypoint-initdb.d/02-configure-master.sh' + - './init-master.sql:/docker-entrypoint-initdb.d/01-init-master.sql:ro' + - './configure-master.sh:/docker-entrypoint-initdb.d/02-configure-master.sh:ro'
48-48: Add newline at EOF (yamllint).
34-43: Consider using a less-common default for pgAdmin credentials in public repos.Even in dev, “admin/admin” variants propagate into demos. Optional hardening.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (9)
.github/workflows/jpa-boot-read-replica-postgresql.yml(1 hunks).vscode/launch.json(1 hunks)jpa/boot-read-replica-postgresql/docker-compose.yaml(0 hunks)jpa/boot-read-replica-postgresql/docker/configure-master.sh(1 hunks)jpa/boot-read-replica-postgresql/docker/docker-compose.yml(1 hunks)jpa/boot-read-replica-postgresql/docker/init-master.sql(1 hunks)jpa/boot-read-replica-postgresql/docker/setup-slave.sh(1 hunks)jpa/boot-read-replica-postgresql/src/main/java/com/example/demo/readreplica/ReadReplicaApplication.java(1 hunks)jpa/boot-read-replica-postgresql/src/main/resources/application.yml(1 hunks)
💤 Files with no reviewable changes (1)
- jpa/boot-read-replica-postgresql/docker-compose.yaml
🧰 Additional context used
🧠 Learnings (2)
📓 Common learnings
Learnt from: rajadilipkolli
PR: rajadilipkolli/my-spring-boot-experiments#0
File: :0-0
Timestamp: 2025-01-16T03:40:40.079Z
Learning: The boot-data-multipledatasources module demonstrates multiple datasource configuration with PostgreSQL (using Liquibase) and MySQL (using Flyway) databases, implementing parallel data fetching using CompletableFuture with a 5-second timeout.
📚 Learning: 2025-01-16T03:40:40.079Z
Learnt from: rajadilipkolli
PR: rajadilipkolli/my-spring-boot-experiments#0
File: :0-0
Timestamp: 2025-01-16T03:40:40.079Z
Learning: The boot-data-multipledatasources module demonstrates multiple datasource configuration with PostgreSQL (using Liquibase) and MySQL (using Flyway) databases, implementing parallel data fetching using CompletableFuture with a 5-second timeout.
Applied to files:
jpa/boot-read-replica-postgresql/src/main/resources/application.yml
🪛 YAMLlint (1.37.1)
jpa/boot-read-replica-postgresql/docker/docker-compose.yml
[error] 25-25: trailing spaces
(trailing-spaces)
[error] 48-48: no new line character at the end of file
(new-line-at-end-of-file)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Codacy Static Code Analysis
🔇 Additional comments (2)
jpa/boot-read-replica-postgresql/src/main/java/com/example/demo/readreplica/ReadReplicaApplication.java (1)
3-3: LGTM on import.jpa/boot-read-replica-postgresql/docker/setup-slave.sh (1)
1-50: Confirm gosu availability and script exec bit.Ensure
gosuexists in postgres:17 image (it does in official) and the repo preserves +x on this script so the container can run it.Would you like a quick checklist or a pre-flight CI step to assert both?
| run: | | ||
| docker compose up -d postgresql-master postgresql-slave | ||
| docker compose -f docker/docker-compose.yml up -d postgresql-master postgresql-slave | ||
| sleep 5 | ||
| docker ps -a | ||
| - name: Build and analyze |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Use healthchecks and --wait to deflake CI; drop arbitrary sleep.
Rely on Compose health status rather than sleep 5.
- docker compose -f docker/docker-compose.yml up -d postgresql-master postgresql-slave
- sleep 5
+ docker compose -f docker/docker-compose.yml up -d --wait
docker ps -aFollow-up: add healthchecks in the compose file (see next comment).
📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| run: | | |
| docker compose up -d postgresql-master postgresql-slave | |
| docker compose -f docker/docker-compose.yml up -d postgresql-master postgresql-slave | |
| sleep 5 | |
| docker ps -a | |
| - name: Build and analyze | |
| run: | | |
| docker compose -f docker/docker-compose.yml up -d --wait | |
| docker ps -a |
🤖 Prompt for AI Agents
.github/workflows/jpa-boot-read-replica-postgresql.yml lines 35-39: the workflow
uses a fixed sleep to wait for DBs which flakes; replace the arbitrary sleep
with compose health-based waiting and remove the sleep. Update the `docker
compose` invocation to use the built-in wait behavior (e.g. `docker compose up
-d --wait` or `docker compose up -d` followed by a compose wait/health-check
loop) so the step blocks until postgresql-master and postgresql-slave are
healthy, and ensure the docker-compose.yml defines proper healthchecks for those
services; drop `sleep 5` and add a sensible timeout/fail behavior if services
don’t become healthy.
| cat >> "$PGDATA/postgresql.conf" <<EOF | ||
|
|
||
| # Replication settings | ||
| wal_level = replica | ||
| max_wal_senders = 3 | ||
| max_replication_slots = 3 | ||
| hot_standby = on | ||
| hot_standby_feedback = on | ||
| listen_addresses = '*' | ||
| EOF |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Add essential PG settings for modern auth and dev replication.
Ensure SCRAM and retain WAL for short outages.
cat >> "$PGDATA/postgresql.conf" <<EOF
# Replication settings
wal_level = replica
max_wal_senders = 3
max_replication_slots = 3
hot_standby = on
hot_standby_feedback = on
listen_addresses = '*'
+password_encryption = scram-sha-256
+wal_keep_size = 64MB
EOF📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| cat >> "$PGDATA/postgresql.conf" <<EOF | |
| # Replication settings | |
| wal_level = replica | |
| max_wal_senders = 3 | |
| max_replication_slots = 3 | |
| hot_standby = on | |
| hot_standby_feedback = on | |
| listen_addresses = '*' | |
| EOF | |
| cat >> "$PGDATA/postgresql.conf" <<EOF | |
| # Replication settings | |
| wal_level = replica | |
| max_wal_senders = 3 | |
| max_replication_slots = 3 | |
| hot_standby = on | |
| hot_standby_feedback = on | |
| listen_addresses = '*' | |
| password_encryption = scram-sha-256 | |
| wal_keep_size = 64MB | |
| EOF |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/configure-master.sh around lines 7 to
16, the generated postgresql.conf lacks modern auth and WAL-retention settings;
update the appended block to set password_encryption = 'scram-sha-256' to enable
SCRAM authentication and add a small WAL retention like wal_keep_size = 64MB (or
a size appropriate for your outage window) so standby replicas can catch up
after short outages; keep the existing replication settings and ensure these two
lines are added to the same heredoc so they are written into postgresql.conf.
| cat >> "$PGDATA/pg_hba.conf" <<EOF | ||
|
|
||
| # Replication connections | ||
| host replication repl_user 0.0.0.0/0 md5 | ||
| EOF |
There was a problem hiding this comment.
Use SCRAM and avoid world-open CIDR for replication access.
md5 will fail if users are stored with SCRAM (default in newer Postgres). Also, 0.0.0.0/0 is unnecessarily broad; restrict to your Docker network or make it configurable.
cat >> "$PGDATA/pg_hba.conf" <<EOF
# Replication connections
-host replication repl_user 0.0.0.0/0 md5
+# Prefer a narrowed CIDR (e.g., 172.18.0.0/16) or pass REPLICA_CIDR via env.
+host replication repl_user ${REPLICA_CIDR:-172.18.0.0/16} scram-sha-256
EOF📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| cat >> "$PGDATA/pg_hba.conf" <<EOF | |
| # Replication connections | |
| host replication repl_user 0.0.0.0/0 md5 | |
| EOF | |
| cat >> "$PGDATA/pg_hba.conf" <<EOF | |
| # Replication connections | |
| # Prefer a narrowed CIDR (e.g., 172.18.0.0/16) or pass REPLICA_CIDR via env. | |
| host replication repl_user ${REPLICA_CIDR:-172.18.0.0/16} scram-sha-256 | |
| EOF |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/configure-master.sh around lines 19
to 23, the pg_hba.conf entry uses "md5" and "0.0.0.0/0"; update it to use
"scram-sha-256" (to match modern Postgres SCRAM password storage) and restrict
the allowed CIDR to a more specific network or a configurable environment
variable (e.g., use an env var like REPL_NETWORK with a sensible default) so
replication access is not world-open; also ensure repl_user is
created/configured to use SCRAM-authenticated password in the setup scripts.
| if [ "$(ls -A $PGDATA 2>/dev/null)" ]; then | ||
| echo "Data directory exists, starting PostgreSQL..." | ||
| # Change ownership and start as postgres user | ||
| chown -R postgres:postgres "$PGDATA" | ||
| exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on | ||
| else |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Make the data-dir check robust and quote variables.
ls -A on a non-PG dir can false-positive. Check PG_VERSION instead and quote $PGDATA.
-if [ "$(ls -A $PGDATA 2>/dev/null)" ]; then
+if [ -s "$PGDATA/PG_VERSION" ]; then📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| if [ "$(ls -A $PGDATA 2>/dev/null)" ]; then | |
| echo "Data directory exists, starting PostgreSQL..." | |
| # Change ownership and start as postgres user | |
| chown -R postgres:postgres "$PGDATA" | |
| exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on | |
| else | |
| if [ -s "$PGDATA/PG_VERSION" ]; then | |
| echo "Data directory exists, starting PostgreSQL..." | |
| # Change ownership and start as postgres user | |
| chown -R postgres:postgres "$PGDATA" | |
| exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on | |
| else |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/setup-slave.sh around lines 18 to 23,
the current data-dir check using ls -A can return false positives and doesn't
quote variables; replace it with a robust existence check for the PostgreSQL
version file and quote PGDATA. Specifically, test for the presence of
"$PGDATA/PG_VERSION" (e.g. if [ -f "$PGDATA/PG_VERSION" ]; then) and ensure all
references to PGDATA are quoted (e.g. "$PGDATA") before chown and when deciding
to start PostgreSQL.
| echo "Data directory exists, starting PostgreSQL..." | ||
| # Change ownership and start as postgres user | ||
| chown -R postgres:postgres "$PGDATA" | ||
| exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Pass data dir explicitly to postgres.
Be explicit with -D "$PGDATA"; relying on environment here is brittle.
- exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on
+ exec gosu postgres postgres -D "$PGDATA" -c hot_standby=on -c hot_standby_feedback=on📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| exec gosu postgres postgres -c hot_standby=on -c hot_standby_feedback=on | |
| exec gosu postgres postgres -D "$PGDATA" -c hot_standby=on -c hot_standby_feedback=on |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/setup-slave.sh around line 22, the
postgres invocation should explicitly pass the data directory; replace the
existing exec line with one that adds -D "$PGDATA" before the -c options (i.e.
exec gosu postgres postgres -D "$PGDATA" -c hot_standby=on -c
hot_standby_feedback=on), preserving the existing flags and ensuring PGDATA is
quoted.
| PGPASSWORD="$REPLICATION_PASSWORD" pg_basebackup \ | ||
| -h "$POSTGRES_MASTER_HOST" \ | ||
| -p "$POSTGRES_MASTER_PORT" \ | ||
| -U "$REPLICATION_USER" \ | ||
| -D "$PGDATA" \ | ||
| -W \ | ||
| -v \ | ||
| -R \ | ||
| -X stream |
There was a problem hiding this comment.
Remove -W; it forces an interactive password prompt and can hang CI.
pg_basebackup -W ignores PGPASSWORD and demands a TTY; you already export PGPASSWORD. Drop -W.
- -W \
-v \
-R \
-X stream📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| PGPASSWORD="$REPLICATION_PASSWORD" pg_basebackup \ | |
| -h "$POSTGRES_MASTER_HOST" \ | |
| -p "$POSTGRES_MASTER_PORT" \ | |
| -U "$REPLICATION_USER" \ | |
| -D "$PGDATA" \ | |
| -W \ | |
| -v \ | |
| -R \ | |
| -X stream | |
| PGPASSWORD="$REPLICATION_PASSWORD" pg_basebackup \ | |
| -h "$POSTGRES_MASTER_HOST" \ | |
| -p "$POSTGRES_MASTER_PORT" \ | |
| -U "$REPLICATION_USER" \ | |
| -D "$PGDATA" \ | |
| -v \ | |
| -R \ | |
| -X stream |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/setup-slave.sh around lines 27 to 35,
the pg_basebackup invocation includes the -W flag which forces an interactive
password prompt (ignoring PGPASSWORD) and can hang CI; remove the -W flag from
the command so PGPASSWORD is used non-interactively, and verify PGPASSWORD is
exported or set in the environment before calling pg_basebackup.
| EOF | ||
|
|
||
| echo "Base backup complete. Starting PostgreSQL in standby mode..." | ||
| exec gosu postgres postgres |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Same: start with -D.
- exec gosu postgres postgres
+ exec gosu postgres postgres -D "$PGDATA"📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| exec gosu postgres postgres | |
| exec gosu postgres postgres -D "$PGDATA" |
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/docker/setup-slave.sh around line 48, the
postgres process is started without the data-directory flag; update the exec
line to start the postgres server with the same -D data-directory argument used
elsewhere (e.g., pass -D followed by the PGDATA path variable) so the server
uses the correct data directory when launched under gosu postgres.
| username: postgres_write | ||
| driverClassName: org.postgresql.Driver | ||
| url: jdbc:postgresql://localhost:5432/my_database | ||
| url: jdbc:postgresql://localhost:5432/my_database?TimeZone=UTC&serverTimezone=UTC |
There was a problem hiding this comment.
🛠️ Refactor suggestion
Fix PostgreSQL timezone configuration; remove MySQL-only serverTimezone.
serverTimezone is a MySQL property and is ignored by the PG driver. Use PG’s options to set the session timezone, or rely on hibernate.jdbc.time_zone + JVM UTC. Update URLs and drop the extraneous data-source-properties.
- url: jdbc:postgresql://localhost:5432/my_database?TimeZone=UTC&serverTimezone=UTC
+ url: jdbc:postgresql://localhost:5432/my_database?options=-c%20timezone=UTC
@@
- serverTimezone: UTC
@@
- url: jdbc:postgresql://localhost:15432/my_database?TimeZone=UTC&serverTimezone=UTC
+ url: jdbc:postgresql://localhost:15432/my_database?options=-c%20timezone=UTC
@@
- data-source-properties:
- serverTimezone: UTC
+ data-source-properties: {}Also applies to: 14-14, 20-20, 24-25
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/src/main/resources/application.yml around
line 8 (and likewise at 14, 20, and 24-25) the JDBC URL includes the MySQL-only
parameter serverTimezone which the PostgreSQL driver ignores; remove
serverTimezone from the URLs and either add Postgres-compatible session timezone
(e.g. append ?options=-c%20TimeZone=UTC) or rely on hibernate.jdbc.time_zone and
setting the JVM default to UTC, and delete any extraneous data-source-properties
related to MySQL.
💡 Verification agent
🧩 Analysis chain
Verify connectivity rules for host->container access.
If pg_hba.conf doesn’t allow host connections for normal DB access, app connections to localhost:5432/15432 may fail. Ensure pg_hba has a “host all … scram-sha-256” rule for your CIDR on both primary and replica.
Also applies to: 20-20
🏁 Script executed:
#!/bin/bash
# Inspect any pg_hba additions in repo (compose/scripts)
rg -nP "pg_hba\.conf|host\s+all\s+all" -C2Length of output: 1600
Add host rules for normal DB access in pg_hba.conf
The Docker init scripts only append replication entries. You must also append a host all all <your-CIDR> scram-sha-256 rule to $PGDATA/pg_hba.conf for application connections in both docker/configure-master.sh (and your replica setup) to ensure the app can connect.
🤖 Prompt for AI Agents
In jpa/boot-read-replica-postgresql/src/main/resources/application.yml around
line 8, the Docker init only appends replication entries to pg_hba.conf so
application connections will be rejected; update docker/configure-master.sh (and
your replica setup script) to also append a host rule like "host all all
<YOUR_CIDR> scram-sha-256" to $PGDATA/pg_hba.conf (use a configurable CIDR
variable), ensure the append happens after PGDATA exists, and trigger a Postgres
reload/restart as needed so the new rule takes effect.
There was a problem hiding this comment.
Actionable comments posted: 0
♻️ Duplicate comments (3)
jpa/boot-read-replica-postgresql/docker/docker-compose.yml (3)
15-20: Past suggestion addressed: master healthcheck added correctly.Health probe via pg_isready looks good and enables compose --wait.
25-27: Past suggestion addressed: slave waits for healthy master.Using depends_on with condition: service_healthy is the right call.
40-45: Past suggestion addressed: slave healthcheck present and reasonable.Readiness for the replica is covered.
🧹 Nitpick comments (7)
jpa/boot-read-replica-postgresql/docker/docker-compose.yml (7)
17-20: Make healthchecks more tolerant of first-time init.Initial cluster init + scripts can exceed current start_period/timeout. Consider slightly looser thresholds to reduce false negatives.
Apply:
- interval: 5s - timeout: 3s - retries: 20 - start_period: 10s + interval: 10s + timeout: 5s + retries: 30 + start_period: 30s- interval: 5s - timeout: 3s - retries: 20 - start_period: 15s + interval: 10s + timeout: 5s + retries: 30 + start_period: 45sAlso applies to: 42-45
51-52: Make pgAdmin depend on a healthy master.This avoids pgAdmin racing the DB on cold starts.
- depends_on: - - postgresql-master + depends_on: + postgresql-master: + condition: service_healthy
4-6: Add restart policies for smoother local UX.Ensures services recover from transient failures and after daemon restarts.
postgresql-master: image: 'postgres:17' + restart: unless-stopped ports: - '5432:5432' @@ postgresql-slave: image: 'postgres:17' + restart: unless-stopped ports: - '15432:5432' @@ pgadmin4: image: dpage/pgadmin4 + restart: unless-stopped ports: - "5050:80"Also applies to: 22-24, 48-50
5-6: Parameterize host ports to avoid clashes.Allows overriding without editing the file (helpful if 5432 already in use).
- - '5432:5432' + - '${PG_MASTER_PORT:-5432}:5432' @@ - - '15432:5432' + - '${PG_REPLICA_PORT:-15432}:5432'Also applies to: 23-24
31-38: Move dev credentials to an env file (or document clearly as dev-only).Reduces accidental leaks and eases overrides; keep current values in .env.example.
Example:
- environment: - - POSTGRES_USER=postgres_write - - POSTGRES_PASSWORD=postgres_write - - POSTGRES_DB=my_database + env_file: + - .env.postgresAnd for pgAdmin:
- environment: - - PGADMIN_DEFAULT_EMAIL=pgadmin4@pgadmin.org - - PGADMIN_DEFAULT_PASSWORD=admin + env_file: + - .env.pgadminAlso applies to: 53-55, 11-14
21-39: Consider renaming “slave” to “replica/standby.”More inclusive and aligns with Postgres docs (“primary/standby,” “publisher/subscriber”). No functional impact.
61-61: Add a newline at EOF.Fixes YAMLlint warning and keeps diffs cleaner.
- driver: local \ No newline at end of file + driver: local +
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
💡 Knowledge Base configuration:
- MCP integration is disabled by default for public repositories
- Jira integration is disabled by default for public repositories
- Linear integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (1)
jpa/boot-read-replica-postgresql/docker/docker-compose.yml(1 hunks)
🧰 Additional context used
🪛 YAMLlint (1.37.1)
jpa/boot-read-replica-postgresql/docker/docker-compose.yml
[error] 61-61: no new line character at the end of file
(new-line-at-end-of-file)
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (1)
.github/workflows/jpa-boot-read-replica-postgresql.yml (1)
35-39: Consider replacing arbitrary sleep with health-based waiting.As noted in a previous review, the fixed
sleep 5can cause flaky CI runs if databases take longer to start. Modern Docker Compose supports the--waitflag to block until services report healthy.Consider refactoring to:
- docker compose -f docker/docker-compose.yml up -d postgresql-master postgresql-slave - sleep 5 + docker compose -f docker/docker-compose.yml up -d --wait docker ps -aThis requires defining healthchecks in
docker/docker-compose.ymlforpostgresql-masterandpostgresql-slaveservices.
📜 Review details
Configuration used: defaults
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
.github/workflows/jpa-boot-read-replica-postgresql.yml.vscode/launch.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
- GitHub Check: Codacy Static Code Analysis
🔇 Additional comments (3)
.github/workflows/jpa-boot-read-replica-postgresql.yml (1)
36-36: LGTM! Path correctly points to the new compose file.The explicit
-f docker/docker-compose.ymlflag correctly references the compose file relative to the working directory and aligns with the PR's restructuring..vscode/launch.json (2)
296-305: LGTM!The launch configuration for
ReadReplicaApplicationis correctly structured and aligns with the new read-replica PostgreSQL module introduced in this PR.
306-315: LGTM!The
StrategyPluginApplicationlaunch configuration is correctly preserved as a separate entry after theReadReplicaApplicationconfig was added.
There was a problem hiding this comment.
🧹 Nitpick comments (1)
.vscode/launch.json (1)
306-315: Inconsistent indentation in the new StrategyPluginApplication block.This block uses 6-space indentation for properties (and 10-space for the closing brace), whereas every other configuration block in the file uses 4-space indentation (8-space for closing braces). Aligning it keeps the file consistent.
🔧 Proposed fix
{ - "type": "java", - "name": "Spring Boot-StrategyPluginApplication<boot-strategy-plugin>", - "request": "launch", - "cwd": "${workspaceFolder}", - "mainClass": "com.example.plugin.strategyplugin.StrategyPluginApplication", - "projectName": "boot-strategy-plugin", - "args": "", - "envFile": "${workspaceFolder}/.env" - }, + "type": "java", + "name": "Spring Boot-StrategyPluginApplication<boot-strategy-plugin>", + "request": "launch", + "cwd": "${workspaceFolder}", + "mainClass": "com.example.plugin.strategyplugin.StrategyPluginApplication", + "projectName": "boot-strategy-plugin", + "args": "", + "envFile": "${workspaceFolder}/.env" + },🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.vscode/launch.json around lines 306 - 315, The JSON launch configuration block for "Spring Boot-StrategyPluginApplication<boot-strategy-plugin>" has inconsistent indentation (6 spaces for properties and 10 for the closing brace); update that object so its properties use the same 4-space indentation as the other blocks and the closing brace uses 8 spaces, keeping keys like "type", "name", "request", "cwd", "mainClass", "projectName", "args", and "envFile" aligned with the rest of the file.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In @.vscode/launch.json:
- Around line 306-315: The JSON launch configuration block for "Spring
Boot-StrategyPluginApplication<boot-strategy-plugin>" has inconsistent
indentation (6 spaces for properties and 10 for the closing brace); update that
object so its properties use the same 4-space indentation as the other blocks
and the closing brace uses 8 spaces, keeping keys like "type", "name",
"request", "cwd", "mainClass", "projectName", "args", and "envFile" aligned with
the rest of the file.
1 participant
Summary by CodeRabbit
New Features
Chores