fix(ci): replace curl health-check with bash TCP check for qdrant container#25
Merged
vineethwilson15 merged 1 commit intomasterfrom Mar 7, 2026
Merged
Conversation
…tainer qdrant/qdrant:latest (v1.17.0+) uses debian:bookworm-slim which does not include curl, causing the service container health check to fail even though Qdrant starts successfully. Replace with a bash TCP redirect check which works on any Debian image without additional tooling: bash -c ':> /dev/tcp/localhost/6333'
WalkthroughThe qdrant service health check in the CI workflow was modified from an HTTP-based curl probe to a TCP connection probe using bash. This changes how the service readiness is validated during testing. Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~5 minutes 🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.github/workflows/ci.yml (1)
105-110:⚠️ Potential issue | 🟠 MajorPin Qdrant to a tested image tag to maintain dual-store consistency.
Neo4j is pinned to
5.18, but Qdrant useslatest. The health check depends on Bash-specific/dev/tcp, which can break on future base image changes. Pin Qdrant to the version validated by this PR to keep Neo4j and Qdrant versioning in sync.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/ci.yml around lines 105 - 110, Replace the qdrant service image from the floating tag to the specific tested tag and change the bash-specific health check: update the qdrant "image" value (the qdrant service's image field) from "qdrant/qdrant:latest" to the pinned tag used/validated by this PR, and replace the "options" health-cmd (which currently uses bash /dev/tcp) with a more portable command (e.g., curl or wget against localhost:6333/health) so the health check won't break if the base image drops bash.
🧹 Nitpick comments (1)
.github/workflows/ci.yml (1)
109-110: Keep the readiness check at HTTP level.A bare TCP connect is weaker than the old
/healthzprobe: it can go green on an open socket before the HTTP health endpoint is actually serving. You can keep the "no curl" fix and still probe/healthzover Bash TCP so the dual-store integration job waits for Qdrant itself, not just port 6333. (docs.docker.com)♻️ Proposed fix
- --health-cmd "bash -c ':> /dev/tcp/localhost/6333'" + --health-cmd "bash -ec 'exec 3<>/dev/tcp/127.0.0.1/6333 && printf \"GET /healthz HTTP/1.1\r\nHost: 127.0.0.1\r\nConnection: close\r\n\r\n\" >&3 && read -r status <&3 && [[ $status == *\" 200 \"* ]]'"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In @.github/workflows/ci.yml around lines 109 - 110, The current readiness check uses a raw TCP connect in the workflow options (the options: >- block with --health-cmd "bash -c ':> /dev/tcp/localhost/6333'"), which can succeed before Qdrant's HTTP health endpoint is ready; change the --health-cmd to perform an HTTP-level probe against /healthz over the same TCP socket (send an HTTP GET for /healthz on port 6333 and verify an HTTP 200/1.1 response) so the job waits for the actual HTTP health endpoint rather than just an open port.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Outside diff comments:
In @.github/workflows/ci.yml:
- Around line 105-110: Replace the qdrant service image from the floating tag to
the specific tested tag and change the bash-specific health check: update the
qdrant "image" value (the qdrant service's image field) from
"qdrant/qdrant:latest" to the pinned tag used/validated by this PR, and replace
the "options" health-cmd (which currently uses bash /dev/tcp) with a more
portable command (e.g., curl or wget against localhost:6333/health) so the
health check won't break if the base image drops bash.
---
Nitpick comments:
In @.github/workflows/ci.yml:
- Around line 109-110: The current readiness check uses a raw TCP connect in the
workflow options (the options: >- block with --health-cmd "bash -c ':>
/dev/tcp/localhost/6333'"), which can succeed before Qdrant's HTTP health
endpoint is ready; change the --health-cmd to perform an HTTP-level probe
against /healthz over the same TCP socket (send an HTTP GET for /healthz on port
6333 and verify an HTTP 200/1.1 response) so the job waits for the actual HTTP
health endpoint rather than just an open port.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 05b033fc-d304-44cf-821a-d3ba0d653815
📒 Files selected for processing (1)
.github/workflows/ci.yml
vineethwilson15
added a commit
that referenced
this pull request
Mar 7, 2026
…precated Codecov action (#26) Follow-up to #25 addressing all CodeRabbit review comments. ## Changes ### 1. Pin Qdrant image to `v1.17.0` `qdrant/qdrant:latest` is unpinned — future base image changes could silently break the health check or integration tests. Pinned to the version validated by #25 to match Neo4j's pinning strategy. ### 2. Upgrade health-check from bare TCP to HTTP `/healthz` probe The previous bare TCP check marks the container healthy as soon as the port accepts connections, which can happen before Qdrant's HTTP server is fully serving. Replaced with a proper HTTP probe over bash TCP: bash -ec 'exec 3<>/dev/tcp/127.0.0.1/6333 && printf "GET /healthz HTTP/1.1\r\nHost: 127.0.0.1\r\nConnection: close\r\n\r\n" >&3 && read -r status <&3 && [[ $status == *" 200 "* ]]' This validates a real HTTP 200 from `/healthz` — same strictness as the old `curl` probe, no external tooling needed. ### 3. Fix deprecated `codecov/test-results-action@v1` CI logs warned this action is deprecated. Replaced with `codecov/codecov-action@v5` using `report_type: test_results` as recommended. ### 4. Guard integration test step against empty directory When `tests/integration/` has no `test_*.py` files, pytest exits with code 4 (no tests collected), failing the job. Added a `find` guard to skip gracefully until integration tests are written. ### 5. Add Git branch discipline rules to copilot instructions Documented the branching workflow in `.github/copilot-instructions.md` so AI agents and contributors always create a feature branch before making any commits, never pushing directly to `master`. ## Testing Add the `run-integration` label to trigger the integration tests job. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Improved CI/CD pipeline reliability with enhanced health checks and optimized conditional test execution * Updated test reporting integration for improved visibility * Added detailed Git workflow guidelines for branch management and code contributions <!-- end of auto-generated comment: release notes by coderabbit.ai --> --------- Co-authored-by: Vineeth Wilson <vineeth.wilson@siemens.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The integration tests job was failing with:
Qdrant itself started successfully (HTTP on 6333, gRPC on 6334), but the
GitHub Actions service container health check was reporting failure.
Root cause:
qdrant/qdrant:latestv1.17.0+ usesdebian:bookworm-slimas its base image, which does not ship
curl. The configured healthcheck command
curl -sf http://localhost:6333/healthzexited withcommand not found, causing GitHub Actions to mark the container asunhealthy and abort the job.
Fix
Replace with a pure bash TCP connection check that requires no external
tooling:
This opens a TCP socket to port 6333. It succeeds as soon as Qdrant's HTTP
server is accepting connections — no
curl,wget, or any other binaryrequired.
Testing
run-integrationlabel to this PR to trigger the integrationtests job and verify the fix
Summary by CodeRabbit