Merge with upstream

[ma-04]

Putting it in Draft Mode due to upstream build failure

Summary by CodeRabbit

• Documentation

  • Added Docker host configuration guidance with environment variable examples, socket-proxy and TLS usage; updated release badges.

• Chores

  • Bumped Go toolchain to 1.26 and updated dependencies.
  • Updated build image and test base image tags.

• Refactor

  • Switched logging implementation to a new structured logger, standardizing log levels and output format across the app.

[coderabbitai]

Walkthrough

Updated Go/tooling and container base images, added a Docker host configuration section to the README, and replaced the logging implementation and API across the codebase (new SlogLogger, changed Logger interface and Context logging), with corresponding test updates and minor Docker image tag bump.

Changes

Cohort / File(s)	Summary
Build & Modules Dockerfile, go.mod	Bumped builder base image to golang:1.26-alpine; updated go directive and toolchain to go1.25/ go1.26.x; upgraded/added several direct and indirect dependencies (fsouza/go-dockerclient, mapstructure/v2, moby/*, logrus, testify, golang.org/x/sys, mage deps, etc.).
CI / Integration Images integration/test-run-exec/docker-compose.yml	Updated alpine test image tag from alpine:3.23.2 to alpine:3.23.3.
Documentation README.md	Added "Docker host configuration" section and examples; replaced top release badge with two img.shields.io GitHub release badges; kept existing workflow badge.
Logging API & Implementation core/common.go, core/logger.go, ofelia.go	Replaced old logging API (Criticalf/Debugf/Errorf/Noticef/Warningf) with new structured methods (Debug, Info, Warning, Error); added core/SlogLogger and NewSlogLogger; updated buildLogger to use new logger; removed old logPrefix constant.
Core runtime behavior (logging calls only) core/runjob.go, core/runservice.go, core/scheduler.go, core/cron_utils.go	Converted many formatted log calls to structured key/value style or context-based variadic args; adjusted small helper signatures (CronUtils.Info args type). Control flow unchanged.
CLI & Docker handling (logging only) cli/config.go, cli/daemon.go, cli/docker_handler.go, cli/validate.go	Replaced formatted logger calls with structured/field-style logging calls; no behavior changes beyond logging.
Middlewares & Handlers (logging only) middlewares/save.go, middlewares/mail.go, middlewares/slack.go	Switched error/formatted logs to structured key/value logging; no other logic changes.
Tests / Test loggers core/*_test.go, cli/config_test.go, middlewares/common_test.go, core/runjob_test.go, core/runservice_test.go	Updated test logger stubs and test setups to match new Logger interface and to use NewSlogLogger(io.Discard) where applicable; removed old op/go-logging setup.
Top-level ofelia.go	Replaced old op/go-logging initialization with core.NewSlogLogger(os.Stdout); signature of buildLogger unchanged.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Suggested reviewers

• tareq1988
• itsrafsanjani

Poem

🐰 A rabbit nibbling on logs and streams,
Switched the colors, tidied the themes,
Go bumped up, images refreshed,
Docker docs added, tests re-fleshed —
Hooray for builds and structured dreams!

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title 'Merge with upstream' is vague and generic, using non-descriptive language that fails to convey the actual substantial changes in the PR.	Consider a more descriptive title that reflects the main changes, such as 'Replace go-logging with slog-based logger and update dependencies' or 'Refactor logging to use slog and update Go/dependencies'.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ma-04]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

Dockerfile (1)

14-24: ⚠️ Potential issue | 🟠 Major

Run the final image as non-root user.

The runtime stage has no USER, so ofelia runs as root. That is a security hardening gap and is also flagged by static analysis.

🔒 Suggested hardening patch

 FROM alpine:3.23
 
 # this label is required to identify container with ofelia running
 LABEL ofelia.service=true
 LABEL ofelia.enabled=true
 
-RUN apk --no-cache add ca-certificates tini tzdata
+RUN apk --no-cache add ca-certificates tini tzdata \
+    && addgroup -S ofelia \
+    && adduser -S -G ofelia ofelia
 
 COPY --from=builder /go/bin/ofelia /usr/bin/ofelia
 
+USER ofelia
 ENTRYPOINT ["/sbin/tini", "/usr/bin/ofelia"]

If you mount /var/run/docker.sock, ensure runtime group permissions are handled (for example via group_add matching socket GID).

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@Dockerfile` around lines 14 - 24, The image launches ofelia as root; add a
non-root runtime user and set USER before ENTRYPOINT so ofelia runs
unprivileged—create a minimal user/group (e.g. ofelia user), ensure binary
ownership and any required runtime dirs are chowned to that user (refer to the
copied binary /usr/bin/ofelia and ENTRYPOINT), and document/handle socket access
by allowing group membership or advising group_add for the Docker socket GID
when mounting /var/run/docker.sock.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In `@Dockerfile`:
- Around line 14-24: The image launches ofelia as root; add a non-root runtime
user and set USER before ENTRYPOINT so ofelia runs unprivileged—create a minimal
user/group (e.g. ofelia user), ensure binary ownership and any required runtime
dirs are chowned to that user (refer to the copied binary /usr/bin/ofelia and
ENTRYPOINT), and document/handle socket access by allowing group membership or
advising group_add for the Docker socket GID when mounting /var/run/docker.sock.

---

ℹ️ Review info

Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 3fc9fff3-224f-4b7b-9e21-248acb876272

📥 Commits

Reviewing files that changed from the base of the PR and between c82c63e and ebd2b12.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (4)

• Dockerfile
• README.md
• go.mod
• integration/test-run-exec/docker-compose.yml

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (3)

cli/docker_handler.go (1)

118-118: Keep the original error in fallback log context.

Line 118 logs the fallback action but omits err, which makes root-cause diagnosis harder.

🛠️ Suggested tweak

-		c.logger.Debug("Failed to extract ofelia's container ID. Trying with container hostname instead...")
+		c.logger.Debug("Failed to extract ofelia's container ID. Trying with container hostname instead...", "error", err)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@cli/docker_handler.go` at line 118, The fallback debug log "Failed to extract
ofelia's container ID. Trying with container hostname instead..." omits the
original error; update the logging call in the Docker handler (the method in
cli/docker_handler.go where c.logger.Debug is invoked) to include the original
error variable (err) in the log context/message so the fallback log contains the
root-cause error information (e.g., include err as a field or append err.Error()
to the message).

middlewares/common_test.go (1)

67-70: Consider aligning parameter names and types with the Logger interface.

The TestLogger methods use (format string, args ...interface{}) but the Logger interface in core/common.go:226-231 defines (str string, args ...any). While interface{} and any are type aliases and this compiles correctly, matching the interface signature exactly improves consistency.

♻️ Suggested alignment with interface

-func (*TestLogger) Debug(format string, args ...interface{})   {}
-func (*TestLogger) Error(format string, args ...interface{})   {}
-func (*TestLogger) Info(format string, args ...interface{})    {}
-func (*TestLogger) Warning(format string, args ...interface{}) {}
+func (*TestLogger) Debug(str string, args ...any)   {}
+func (*TestLogger) Error(str string, args ...any)   {}
+func (*TestLogger) Info(str string, args ...any)    {}
+func (*TestLogger) Warning(str string, args ...any) {}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@middlewares/common_test.go` around lines 67 - 70, Update the TestLogger
method signatures to exactly match the Logger interface by changing each method
(Debug, Error, Info, Warning) to accept parameters named "str string, args
...any" instead of "format string, args ...interface{}"; this aligns parameter
names and uses the same type alias (any) as in core/common.go's Logger interface
for consistency.

cli/config_test.go (1)

22-25: Consider renaming format parameter to msg or str for clarity.

The parameter is named format but the new logging API uses structured key-value pairs rather than printf-style formatting. Renaming to msg or str (matching the Logger interface in core/common.go) would better reflect the actual usage pattern.

♻️ Suggested rename

-func (*TestLogger) Debug(format string, args ...interface{})   {}
-func (*TestLogger) Error(format string, args ...interface{})   {}
-func (*TestLogger) Info(format string, args ...interface{})    {}
-func (*TestLogger) Warning(format string, args ...interface{}) {}
+func (*TestLogger) Debug(msg string, args ...interface{})   {}
+func (*TestLogger) Error(msg string, args ...interface{})   {}
+func (*TestLogger) Info(msg string, args ...interface{})    {}
+func (*TestLogger) Warning(msg string, args ...interface{}) {}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@cli/config_test.go` around lines 22 - 25, Rename the parameter named `format`
to `msg` (or `str`) in the TestLogger methods to match the structured logging
API and the `Logger` interface in core/common.go: update the method signatures
for Debug, Error, Info, and Warning on type `*TestLogger` so they accept `msg
string, args ...interface{}` (or `str string, ...`) instead of `format string,
...`, and adjust any internal references to this parameter accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@core/cron_utils.go`:
- Around line 12-18: The Info method signature uses variadic ...any which breaks
implementation of robfig/cron v3 Logger; update CronUtils.Info to use the same
variadic type as CronUtils.Error (i.e., ...interface{}) so both Info and Error
match the cron.Logger interface expected by cron.WithLogger; modify the function
signature for CronUtils.Info accordingly while keeping its body unchanged.

In `@middlewares/slack.go`:
- Around line 64-67: The logs are currently emitting the sensitive Slack webhook
(m.SlackWebhook) via ctx.Logger.Error in the error paths; remove the webhook
from the log payload or replace it with a redacted/masked value before logging
to avoid secret exposure. Update the calls in the error handling branches (the
ctx.Logger.Error usages that reference m.SlackWebhook and r.Status/r.StatusCode)
to omit the "webhook" key or substitute a safe string like "<redacted webhook>"
or a masked snippet, ensuring no raw webhook URL appears in logs.
- Around line 62-67: The HTTP response from http.PostForm in
middlewares/slack.go is never closed which leaks connections; update the block
where r, err := http.PostForm(m.SlackWebhook, values) is handled so that when
err == nil you immediately ensure the body is closed (e.g., defer r.Body.Close()
or read io.Copy(io.Discard, r.Body) and then r.Body.Close()) before any returns
or logging; modify the handler around the PostForm call (referencing variables
r, err, m.SlackWebhook and ctx.Logger) to always close r.Body in both the 200
and non-200 response paths.

---

Nitpick comments:
In `@cli/config_test.go`:
- Around line 22-25: Rename the parameter named `format` to `msg` (or `str`) in
the TestLogger methods to match the structured logging API and the `Logger`
interface in core/common.go: update the method signatures for Debug, Error,
Info, and Warning on type `*TestLogger` so they accept `msg string, args
...interface{}` (or `str string, ...`) instead of `format string, ...`, and
adjust any internal references to this parameter accordingly.

In `@cli/docker_handler.go`:
- Line 118: The fallback debug log "Failed to extract ofelia's container ID.
Trying with container hostname instead..." omits the original error; update the
logging call in the Docker handler (the method in cli/docker_handler.go where
c.logger.Debug is invoked) to include the original error variable (err) in the
log context/message so the fallback log contains the root-cause error
information (e.g., include err as a field or append err.Error() to the message).

In `@middlewares/common_test.go`:
- Around line 67-70: Update the TestLogger method signatures to exactly match
the Logger interface by changing each method (Debug, Error, Info, Warning) to
accept parameters named "str string, args ...any" instead of "format string,
args ...interface{}"; this aligns parameter names and uses the same type alias
(any) as in core/common.go's Logger interface for consistency.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: d96bfc98-709f-4838-b39d-236e71ee3781

📥 Commits

Reviewing files that changed from the base of the PR and between ebd2b12 and e454ef1.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (21)

• README.md
• cli/config.go
• cli/config_test.go
• cli/daemon.go
• cli/docker_handler.go
• cli/validate.go
• core/common.go
• core/common_test.go
• core/cron_utils.go
• core/logger.go
• core/runjob.go
• core/runjob_test.go
• core/runservice.go
• core/runservice_test.go
• core/scheduler.go
• go.mod
• middlewares/common_test.go
• middlewares/mail.go
• middlewares/save.go
• middlewares/slack.go
• ofelia.go

✅ Files skipped from review due to trivial changes (3)

• middlewares/save.go
• README.md
• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

robfig cron v3 Logger interface signature

💡 Result:

The Logger interface in robfig/cron v3 is a subset of the go-logr/logr interface, with two methods: Info(msg string, keysAndValues ...interface{}) and Error(err error, msg string, keysAndValues ...interface{}). It is used by the Cron struct for logging events like start, schedule, wake, run, added, stop, removed. DefaultLogger is the default implementation. Usage example: cron.New(cron.WithLogger(cron.VerbosePrintfLogger(log.New(os.Stdout, "cron: ", log.LstdFlags)))) It complies with https://github.com/go-logr/logr project for structured logging.

Citations:

• 1: https://pkg.go.dev/github.com/robfig/cron/v3
• 2: https://go.pact.im/doc/use/github.com/robfig/cron/v3..Cron.logger%5E2686a.html
• 3: https://go.pact.im/doc/src/github.com/robfig/cron/v3/cron.go.html
• 4: https://go.pact.im/doc/src/github.com/robfig/cron/v3/chain.go.html
• 5: https://go.pact.im/doc/imp/github.com/robfig/cron/v3.Logger.html
• 6: Logger interface robfig/cron#202

---

🏁 Script executed:

# Check core/scheduler.go around line 29 to confirm CronUtils usage
fd core scheduler.go --exec head -50 {} \; | cat -n

Repository: flywp/ofelia

Length of output: 155

---

🏁 Script executed:

# Search for cron.WithLogger usage to confirm CronUtils is passed there
rg "WithLogger" --type go -A 2 -B 2

Repository: flywp/ofelia

Length of output: 286

---

🏁 Script executed:

# Check if there are any compilation or type errors related to CronUtils
rg "CronUtils" --type go -A 3 -B 1

Repository: flywp/ofelia

Length of output: 1029

---

Fix Info method signature to match cron v3 Logger interface.

The CronUtils.Info method at line 12 uses ...any while the Error method uses ...interface{}. Since CronUtils implements the robfig/cron v3 Logger interface (confirmed by usage in core/scheduler.go:29 with cron.WithLogger(cronUtils)), both methods must use ...interface{} per the interface specification.

Change line 12 from ...any to ...interface{}:

Fix for interface compliance

-func (c *CronUtils) Info(msg string, keysAndValues ...any) {
+func (c *CronUtils) Info(msg string, keysAndValues ...interface{}) {
 	c.Logger.Debug("cron update", append(keysAndValues, "cron", msg)...)
 }
 
 func (c *CronUtils) Error(err error, msg string, keysAndValues ...interface{}) {
 	c.Logger.Error("cron error", append(keysAndValues, "cron", msg, "error", err)...)
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	func (c *CronUtils) Info(msg string, keysAndValues ...any) {
	c.Logger.Debug("cron update", append(keysAndValues, "cron", msg)...)
	}
	func (c *CronUtils) Error(err error, msg string, keysAndValues ...interface{}) {
	c.Logger.Errorf("%v", formatKeysAndValues(append([]interface{}{"cron", msg, "error", err}, keysAndValues...)...))
	c.Logger.Error("cron error", append(keysAndValues, "cron", msg, "error", err)...)
	}
	func (c *CronUtils) Info(msg string, keysAndValues ...interface{}) {
	c.Logger.Debug("cron update", append(keysAndValues, "cron", msg)...)
	}
	func (c *CronUtils) Error(err error, msg string, keysAndValues ...interface{}) {
	c.Logger.Error("cron error", append(keysAndValues, "cron", msg, "error", err)...)
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@core/cron_utils.go` around lines 12 - 18, The Info method signature uses
variadic ...any which breaks implementation of robfig/cron v3 Logger; update
CronUtils.Info to use the same variadic type as CronUtils.Error (i.e.,
...interface{}) so both Info and Error match the cron.Logger interface expected
by cron.WithLogger; modify the function signature for CronUtils.Info accordingly
while keeping its body unchanged.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify HTTP response bodies from PostForm are closed in Go code.
# Expected: each PostForm assignment to *http.Response has a corresponding Body.Close in-path.
rg -nP --type=go '(\w+)\s*,\s*err\s*:=\s*http\.PostForm\(' -C4
rg -nP --type=go '\.Body\.Close\s*\(' -C2

Repository: flywp/ofelia

Length of output: 686

---

Close the HTTP response body after PostForm to avoid connection leaks.

The response body from http.PostForm() must be closed to return the connection to the pool. Currently, the code does not close r.Body in any execution path, even on non-200 responses.

♻️ Suggested fix

 	r, err := http.PostForm(m.SlackWebhook, values)
 	if err != nil {
 		ctx.Logger.Error("Failed to call slack", "webhook", m.SlackWebhook, "error", err)
-	} else if r.StatusCode != 200 {
+		return
+	}
+	defer r.Body.Close()
+
+	if r.StatusCode != 200 {
 		ctx.Logger.Error("Slack responded with non-200 status", "webhook", m.SlackWebhook, "status", r.Status)
 	}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	r, err := http.PostForm(m.SlackWebhook, values)
	if err != nil {
	ctx.Logger.Errorf("Slack error calling %q error: %q", m.SlackWebhook, err)
	ctx.Logger.Error("Failed to call slack", "webhook", m.SlackWebhook, "error", err)
	} else if r.StatusCode != 200 {
	ctx.Logger.Errorf("Slack error non-200 status code calling %q", m.SlackWebhook)
	ctx.Logger.Error("Slack responded with non-200 status", "webhook", m.SlackWebhook, "status", r.Status)
	}
	r, err := http.PostForm(m.SlackWebhook, values)
	if err != nil {
	ctx.Logger.Error("Failed to call slack", "webhook", m.SlackWebhook, "error", err)
	return
	}
	defer r.Body.Close()
	if r.StatusCode != 200 {
	ctx.Logger.Error("Slack responded with non-200 status", "webhook", m.SlackWebhook, "status", r.Status)
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@middlewares/slack.go` around lines 62 - 67, The HTTP response from
http.PostForm in middlewares/slack.go is never closed which leaks connections;
update the block where r, err := http.PostForm(m.SlackWebhook, values) is
handled so that when err == nil you immediately ensure the body is closed (e.g.,
defer r.Body.Close() or read io.Copy(io.Discard, r.Body) and then
r.Body.Close()) before any returns or logging; modify the handler around the
PostForm call (referencing variables r, err, m.SlackWebhook and ctx.Logger) to
always close r.Body in both the 200 and non-200 response paths.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Do not log Slack webhook URLs (sensitive secret exposure).

Line 64 and Line 66 include m.SlackWebhook in logs. Webhook URLs are credentials and should be redacted/omitted.

🔐 Suggested fix

-		ctx.Logger.Error("Failed to call slack", "webhook", m.SlackWebhook, "error", err)
+		ctx.Logger.Error("Failed to call slack", "error", err)
 	} else if r.StatusCode != 200 {
-		ctx.Logger.Error("Slack responded with non-200 status", "webhook", m.SlackWebhook, "status", r.Status)
+		ctx.Logger.Error("Slack responded with non-200 status", "status", r.Status)
 	}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	ctx.Logger.Error("Failed to call slack", "webhook", m.SlackWebhook, "error", err)
	} else if r.StatusCode != 200 {
	ctx.Logger.Errorf("Slack error non-200 status code calling %q", m.SlackWebhook)
	ctx.Logger.Error("Slack responded with non-200 status", "webhook", m.SlackWebhook, "status", r.Status)
	}
	ctx.Logger.Error("Failed to call slack", "error", err)
	} else if r.StatusCode != 200 {
	ctx.Logger.Error("Slack responded with non-200 status", "status", r.Status)
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@middlewares/slack.go` around lines 64 - 67, The logs are currently emitting
the sensitive Slack webhook (m.SlackWebhook) via ctx.Logger.Error in the error
paths; remove the webhook from the log payload or replace it with a
redacted/masked value before logging to avoid secret exposure. Update the calls
in the error handling branches (the ctx.Logger.Error usages that reference
m.SlackWebhook and r.Status/r.StatusCode) to omit the "webhook" key or
substitute a safe string like "<redacted webhook>" or a masked snippet, ensuring
no raw webhook URL appears in logs.