fix(docker): wire env, observability, and local node for Docker stack#49
fix(docker): wire env, observability, and local node for Docker stack#49
Conversation
- Executor reads GRPC_ADDRESS from environment, falls back to localhost:50051 - Monitor reads METRICS_PORT and DASHBOARD_PORT from environment, falls back to 9090/8080
- aether-rust receives ETH_RPC_URL, GRPC_ADDRESS, AETHER_NODES_CONFIG with .env passthrough - Added Grafana service with auto-provisioned Prometheus datasource - Added opt-in reth service (--profile node) with shared IPC volume for low-latency node access - Prometheus config notes Rust metrics endpoint is not yet available - Loki explicitly deferred — logs available via docker logs
- GRPC_ADDRESS set to 0.0.0.0:50051 so Go container can reach Rust over Docker network - go.Dockerfile copies internal/ package required by executor and monitor builds
Pablosinyores
left a comment
Pablosinyores
left a comment
There was a problem hiding this comment.
Review: fix(docker): wire env, observability, and local node for Docker stack
Issue #45 Acceptance Criteria
- Compose env vars consumed by services —
GRPC_ADDRESSin executor,METRICS_PORT/DASHBOARD_PORTin monitor - Rust configurable for external or local node —
ETH_RPC_URL,AETHER_NODES_CONFIGenv vars +.envpassthrough - Local-node path documented and reproducible — opt-in reth profile with shared IPC volume
- Prometheus/Grafana present or deferred — Grafana added with auto-provisioned datasource, Loki explicitly deferred with comment
- README/docs match real stack — Grafana in compose, Loki deferred with inline comment
Findings
WARNING (W1): env_file: ../../.env will fail if .env doesn't exist
Docker Compose v3.8 spec errors on missing env_file. New users cloning the repo without a .env file will get a startup error. The .env is gitignored (correctly), but there's no .env.example to copy from.
Suggested fix: Either add required: false (Compose v2.24+) or add a .env.example with placeholder values.
Non-blocking — this is a DX issue, not a correctness issue.
SUGGESTION (S1): Grafana default admin password
GF_SECURITY_ADMIN_PASSWORD=admin is fine for local dev but should be called out. Since GF_AUTH_ANONYMOUS_ENABLED=true with Viewer role is set, anonymous users get read-only access, which is the right default for a monitoring dashboard. Acceptable for dev compose.
SUGGESTION (S2): No port validation on env var reads
METRICS_PORT and DASHBOARD_PORT are used directly as strings in ":" + metricsPort. Malformed values (e.g., METRICS_PORT=abc) will produce a confusing listen tcp: address :abc: invalid port error. Not worth fixing for internal infra config.
Code Quality
- Env var fallback pattern is clean and idiomatic Go
GRPC_ADDRESS=0.0.0.0:50051for Rust container is correct for Docker cross-container networkinggo.Dockerfilecorrectly addsCOPY internal/ internal/— required for the build since executor/monitor import frominternal/- Grafana provisioning datasource correctly points to
http://prometheus:9090(Docker service name) - Reth profile-gated correctly — won't start unless explicitly requested
- Shared
reth-ipc:/tmpvolume enables IPC between reth and aether-rust containers - Prometheus config honestly notes Rust metrics aren't available yet
Tests
- All CI checks pass (toolchain, rust, go, solidity)
- Rust workspace: all tests pass, clippy clean
- Solidity: 12/12 tests pass
Security
- No secrets in compose (postgres password is
aether_dev— acceptable for local dev) .envis gitignored- No AI attribution in commits
- Conventional commit format followed
Verdict: APPROVE
Clean infrastructure PR that correctly wires env vars, adds observability tooling, and provides an opt-in local node path. All acceptance criteria met. W1 is a DX improvement that can be a follow-up.
| - AETHER_NODES_CONFIG=/app/config/nodes.yaml | ||
| env_file: | ||
| - ../../.env | ||
| restart: unless-stopped |
There was a problem hiding this comment.
WARNING: env_file will error if ../../.env doesn't exist.
New developers cloning the repo without a .env will get a Docker Compose startup failure. Consider adding required: false (Compose v2.24+):
env_file:
- path: ../../.env
required: falseOr ship a .env.example with placeholder values that users copy.
There was a problem hiding this comment.
Fixed — switched to required: false (Compose v2.24+) on both aether-rust and aether-go so missing .env no longer blocks startup.
env_file:
- path: ../../.env
required: falseWe also ship a .env.example at repo root for reference.
| ports: | ||
| - "3000:3000" | ||
| environment: | ||
| - GF_SECURITY_ADMIN_PASSWORD=admin |
There was a problem hiding this comment.
SUGGESTION: GF_SECURITY_ADMIN_PASSWORD=admin is fine for local dev. If this compose file ever gets used in staging/prod, this should be pulled from .env or a secret. Fine as-is for now.
There was a problem hiding this comment.
Agreed — keeping admin for local dev. Will move to .env / secrets if this compose file ever targets staging/prod.
| cfg := defaultConfig() | ||
|
|
||
| // Environment overrides for container / systemd deployments | ||
| if v := os.Getenv("GRPC_ADDRESS"); v != "" { |
There was a problem hiding this comment.
WARNING: Duplicate GRPC_ADDRESS read. The main branch already has this env override at line 76 (with a log message). This new block at line 52 is redundant — it sets the value, then line 76 sets it again. Remove this block and keep the existing one.
There was a problem hiding this comment.
Good catch — removed the redundant block at line 52. The existing read at line 76 (with logging) is the one that stays.
Additional Findings (Post-Review)After cross-referencing with the full WARNING (W2): Duplicate The WARNING (W3):
These don't change the APPROVE verdict — they're quick fixes that should ideally be addressed before merge but aren't blockers. |
…ESS, wire Go env - Use `required: false` on env_file so missing .env doesn't break docker compose up - Add env_file to aether-go service so SEARCHER_KEY and ETH_RPC_URL are available - Remove duplicate GRPC_ADDRESS read in loadConfig(); keep the existing one with logging
|
All three findings addressed in 44eb9cc:
All tests passing (Go + Rust + clippy + docker compose config + start.sh). |
Pablosinyores
left a comment
Pablosinyores
left a comment
There was a problem hiding this comment.
Re-Review: fix(docker): wire env, observability, and local node for Docker stack
Re-review after 44eb9cc addressed all review findings.
Previous Findings Resolution
| Finding | Severity | Status | Fix |
|---|---|---|---|
W1: env_file fails if .env missing |
WARNING | ✅ RESOLVED | Switched to required: false on both services |
| S1: Grafana default admin password | SUGGESTION | ✅ ACKNOWLEDGED | Fine for local dev |
| Inline: Duplicate GRPC_ADDRESS read | WARNING | ✅ RESOLVED | Redundant block removed |
Verdict: APPROVE (re-confirmed)
All review findings addressed cleanly. Ready to merge.
2 participants
Summary
Docker setup lacked proper env var consumption, Ethereum node integration, and observability wiring.
Changes
Go services read env vars
cmd/executor/main.goreadsGRPC_ADDRESSfrom environment, falls back tolocalhost:50051cmd/monitor/metrics.goreadsMETRICS_PORTandDASHBOARD_PORTfrom environment, falls back to9090/8080Docker compose wiring
aether-rustreceivesETH_RPC_URL,GRPC_ADDRESS,AETHER_NODES_CONFIGwith.envpassthroughaether-rustbinds gRPC to0.0.0.0:50051so Go container can reach it over Docker networkgo.Dockerfilecopiesinternal/package (was missing, caused Docker build failure)Observability
docker logsLocal Ethereum node
rethservice (docker compose --profile node up -d)reth-ipc:/tmp) between reth and aether-rust for low-latency node accessconfig/nodes.yamlwhich haslocal-rethat priority 0, Alchemy WS at priority 1Acceptance criteria
GRPC_ADDRESS=aether-rust:50051 (from env)docker compose --profile node up -dstarts reth with shared IPC volumeTest plan
start.shboots all services with ESTABLISHED gRPC connectionsCloses #45