Skip to content

fix : crawlYoutubeVerify 우분투 환경 Puppeteer 샌드박스 옵션 추가#162

Merged
GulSam00 merged 1 commit intodevelopfrom
chore/kyVerifyAction
Mar 14, 2026
Merged

fix : crawlYoutubeVerify 우분투 환경 Puppeteer 샌드박스 옵션 추가#162
GulSam00 merged 1 commit intodevelopfrom
chore/kyVerifyAction

Conversation

@GulSam00
Copy link
Owner

@GulSam00 GulSam00 commented Mar 14, 2026

📌 PR 제목

[Type] : 작업 내용 요약

📌 변경 사항

💬 추가 참고 사항

@GulSam00 @claude
fix : crawlYoutubeVerify 우분투 환경 Puppeteer 샌드박스 옵션 추가
50b9252 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@vercel
Copy link
Contributor

vercel bot commented Mar 14, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
singcode Building Building Preview Mar 14, 2026 2:15pm

@GulSam00 GulSam00 merged commit d59423a into develop Mar 14, 2026
2 checks passed
@qodo-code-review
Copy link

qodo-code-review bot commented Mar 14, 2026

Review Summary by Qodo

Add Puppeteer sandbox options for Ubuntu environment

🐞 Bug fix

Grey Divider

Walkthroughs

Description 
• Add Puppeteer sandbox options for Ubuntu environment compatibility
• Configure headless mode and disable sandbox/setuid-sandbox for action environment
Diagram 
flowchart LR
  A["puppeteer.launch()"] -- "add sandbox options" --> B["puppeteer.launch with args"]
  B -- "headless: true" --> C["Headless mode enabled"]
  B -- "no-sandbox flag" --> D["Sandbox disabled"]
  B -- "disable-setuid-sandbox" --> E["Setuid sandbox disabled"]
Loading

Grey Divider

File Changes

1. packages/crawling/src/crawling/crawlYoutubeVerify.ts 🐞 Bug fix +5/-1

Add Puppeteer sandbox configuration options

• Modified puppeteer.launch() call to include configuration options
• Added headless: true to run browser in headless mode
• Added --no-sandbox and --disable-setuid-sandbox arguments for Ubuntu environment compatibility
• Included comment explaining the purpose of these options for action environment

packages/crawling/src/crawling/crawlYoutubeVerify.ts

Grey Divider

Qodo Logo

@qodo-code-review
Copy link

qodo-code-review bot commented Mar 14, 2026
edited
Loading

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (0) 📎 Requirement gaps (0)

Grey Divider


Action required

1. Browser not closed safely 🐞 Bug ⛯ Reliability
Description 
crawlYoutubeVerify launches a Browser at module scope without a try/finally, and it calls
browser.close() without awaiting it, so any thrown error can bypass cleanup and leave Chromium
running. This can hang or flake CI runs because Supabase getters can throw before the close is
reached.
Code

packages/crawling/src/crawling/crawlYoutubeVerify.ts[R12-16]

+// action 우분투 환경에서의 호환을 위해 추가
+const browser = await puppeteer.launch({
+  headless: true,
+  args: ['--no-sandbox', '--disable-setuid-sandbox'],
+});
Evidence 
The script does not protect the Browser lifecycle with try/finally and does not await close;
upstream DB functions used by the script explicitly throw on error, so failures will skip cleanup
and can leak the browser process. A sibling crawler in the same package demonstrates the intended
try/finally + awaited close pattern.

packages/crawling/src/crawling/crawlYoutubeVerify.ts[12-50]
packages/crawling/src/supabase/getDB.ts[51-64]
packages/crawling/src/supabase/getDB.ts[105-113]
packages/crawling/src/crawling/crawlYoutube.ts[149-155]

Agent prompt 
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`crawlYoutubeVerify.ts` does not guarantee Puppeteer cleanup: it launches `browser` at module scope, has no `try/finally`, and calls `browser.close()` without `await`. Any thrown error (e.g., from Supabase getters) can skip cleanup and leave Chromium running.

### Issue Context
Supabase getter functions used in this script throw on error, so lifecycle cleanup must be guaranteed.

### Fix Focus Areas
- packages/crawling/src/crawling/crawlYoutubeVerify.ts[12-50]

### Implementation notes
- Wrap the whole script body in `const main = async () =&gt; { ... }`.
- Use `try { ... } catch (e) { ... } finally { await browser.close(); }`.
- Consider moving `page` creation inside the `try` and setting a non-zero `process.exitCode` on fatal errors.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools


Remediation recommended

2. Sandbox disabled everywhere 🐞 Bug ⛨ Security
Description 
crawlYoutubeVerify launches Chromium with --no-sandbox/--disable-setuid-sandbox unconditionally, so
the job runs without sandbox protections even when not on Ubuntu Actions. Since this crawler
navigates to external pages, removing the sandbox increases the blast radius of any browser
compromise within the execution environment.
Code

packages/crawling/src/crawling/crawlYoutubeVerify.ts[R12-16]

+// action 우분투 환경에서의 호환을 위해 추가
+const browser = await puppeteer.launch({
+  headless: true,
+  args: ['--no-sandbox', '--disable-setuid-sandbox'],
+});
Evidence 
The PR change makes sandbox-disabling flags always apply, and the verification logic demonstrably
loads external content via Puppeteer navigation; together this means the crawler renders external
pages without the browser sandbox in any environment where this script is run.

packages/crawling/src/crawling/crawlYoutubeVerify.ts[12-16]
packages/crawling/src/crawling/isValidKYExistNumber.ts[12-18]

Agent prompt 
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`crawlYoutubeVerify.ts` disables the Chromium sandbox for all executions by always passing `--no-sandbox` and `--disable-setuid-sandbox`.

### Issue Context
This was added for Ubuntu Actions compatibility, but the script also navigates to external URLs via Puppeteer; disabling sandbox should be minimized to the environment that requires it.

### Fix Focus Areas
- packages/crawling/src/crawling/crawlYoutubeVerify.ts[12-16]

### Implementation notes
- Gate the `args` behind a condition such as:
 - `process.platform === &#x27;linux&#x27;` AND (`process.env.CI` or `process.env.GITHUB_ACTIONS`)
- Keep `headless: true`, but only inject sandbox flags when the condition is met.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

Grey Divider

ⓘ The new review experience is currently in Beta. Learn more

Grey Divider

Qodo Logo

qodo-code-review[bot]
qodo-code-review bot reviewed Mar 14, 2026
View reviewed changes
packages/crawling/src/crawling/crawlYoutubeVerify.ts
Comment on lines +12 to +16
// action 우분투 환경에서의 호환을 위해 추가
const browser = await puppeteer.launch({
headless: true,
args: ['--no-sandbox', '--disable-setuid-sandbox'],
});
Copy link

@qodo-code-review qodo-code-review bot Mar 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Action required

1. Browser not closed safely 🐞 Bug ⛯ Reliability

crawlYoutubeVerify launches a Browser at module scope without a try/finally, and it calls
browser.close() without awaiting it, so any thrown error can bypass cleanup and leave Chromium
running. This can hang or flake CI runs because Supabase getters can throw before the close is
reached.
Agent Prompt 
### Issue description
`crawlYoutubeVerify.ts` does not guarantee Puppeteer cleanup: it launches `browser` at module scope, has no `try/finally`, and calls `browser.close()` without `await`. Any thrown error (e.g., from Supabase getters) can skip cleanup and leave Chromium running.

### Issue Context
Supabase getter functions used in this script throw on error, so lifecycle cleanup must be guaranteed.

### Fix Focus Areas
- packages/crawling/src/crawling/crawlYoutubeVerify.ts[12-50]

### Implementation notes
- Wrap the whole script body in `const main = async () => { ... }`.
- Use `try { ... } catch (e) { ... } finally { await browser.close(); }`.
- Consider moving `page` creation inside the `try` and setting a non-zero `process.exitCode` on fatal errors.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

@GulSam00 GulSam00 deleted the chore/kyVerifyAction branch March 15, 2026 09:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@qodo-code-review qodo-code-review[bot] qodo-code-review[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@GulSam00