Updated Vortex to '1.39.0'.#177
Conversation
…x-tooling' package.
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughThis PR migrates Ahoy/Lagoon/CI command execution from many host-side shell scripts to vendored drevops/vortex-tooling entrypoints, adds a tooling installer, bumps Lagoon base images and CI runner pins, expands build-context whitelist, removes superseded scripts, and adds Behat accessibility tests. ChangesVortex Tooling Migration & Infrastructure Updates
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested labels
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
This comment has been minimized.
This comment has been minimized.
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #177 +/- ##
========================================
Coverage 87.73% 87.73%
========================================
Files 11 11
Lines 163 163
========================================
Hits 143 143
Misses 20 20 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.docker/database.dockerfile:
- Line 8: The workflow cache key prefix in
.github/workflows/build-test-deploy.yml still uses v26.4.0-db11-..., which can
cause CI to reuse caches after the DB ARG IMAGE was updated to
uselagoon/mysql-8.4:26.5.1; update the cache key prefix to match the new DB
image tag (e.g., v26.5.1-db11-...) or add a comment explaining why the cache
version should remain independent so the CI cache is correctly invalidated when
the DB image changes.
In @.gitignore:
- Around line 44-47: Remove the redundant un-ignore directive “!.claude”: since
only “.claude/*” is ignored, “.claude” itself isn’t ignored so the “!.claude”
line has no effect; delete the “!.claude” entry and keep “.claude/*” and
“!.claude/settings.json” as-is to match the existing pattern used for
“recipes/*”.
In `@behat.yml`:
- Around line 59-71: The selectors in behat.yml (keys: header, primary_menu,
secondary_menu, hero, highlighted, breadcrumb, social, content_above, content,
sidebar, content_below, footer_top, footer_bottom) do not match the real theme
markup (e.g., '`#header`', '.header-nav', '.social-bar', and the
'.region.region--*' values); open the rendered HTML/templates to find the actual
CSS selectors used by the theme and replace each value in behat.yml with the
corresponding real selector (update header, primary_menu, social, and every
'.region.region--*' entry), or alternatively adjust the theme/template classes
to match these selectors so Behat targets the real elements.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: 93559814-bf8d-4ac7-9850-a1dfd8fe550d
⛔ Files ignored due to path filters (1)
composer.lockis excluded by!**/*.lock
📒 Files selected for processing (60)
.ahoy.yml.docker/clamav.dockerfile.docker/cli.dockerfile.docker/database.dockerfile.docker/nginx-drupal.dockerfile.docker/php.dockerfile.docker/solr.dockerfile.dockerignore.github/workflows/build-test-deploy.yml.github/workflows/draft-release-notes.yml.github/workflows/label-merge-conflict.yml.github/workflows/update-dependencies.yml.gitignore.lagoon.ymlAGENTS.mdREADME.mdbehat.ymlcomposer.jsonscripts/vortex-tooling.shscripts/vortex/deploy-artifact.shscripts/vortex/deploy-container-registry.shscripts/vortex/deploy-lagoon.shscripts/vortex/deploy-webhook.shscripts/vortex/deploy.shscripts/vortex/doctor.shscripts/vortex/download-db-acquia.shscripts/vortex/download-db-container-registry.shscripts/vortex/download-db-curl.shscripts/vortex/download-db-ftp.shscripts/vortex/download-db-lagoon.shscripts/vortex/download-db-s3.shscripts/vortex/download-db-url.shscripts/vortex/download-db.shscripts/vortex/export-db-file.shscripts/vortex/export-db-image.shscripts/vortex/export-db.shscripts/vortex/github-labels.shscripts/vortex/info.shscripts/vortex/login-container-registry.shscripts/vortex/login.shscripts/vortex/logout.shscripts/vortex/mirror-code.shscripts/vortex/notify-email.shscripts/vortex/notify-github.shscripts/vortex/notify-jira.shscripts/vortex/notify-newrelic.shscripts/vortex/notify-slack.shscripts/vortex/notify-webhook.shscripts/vortex/notify.shscripts/vortex/provision-sanitize-db.shscripts/vortex/provision.shscripts/vortex/reset.shscripts/vortex/setup-ssh.shscripts/vortex/task-copy-db-acquia.shscripts/vortex/task-copy-files-acquia.shscripts/vortex/task-custom-lagoon.shscripts/vortex/task-purge-cache-acquia.shscripts/vortex/update-vortex.shscripts/vortex/upload-db-s3.shtests/behat/features/behat.feature
💤 Files with no reviewable changes (40)
- scripts/vortex/download-db-lagoon.sh
- scripts/vortex/download-db-s3.sh
- scripts/vortex/update-vortex.sh
- scripts/vortex/login.sh
- scripts/vortex/download-db-acquia.sh
- scripts/vortex/deploy.sh
- scripts/vortex/notify-newrelic.sh
- scripts/vortex/logout.sh
- scripts/vortex/setup-ssh.sh
- scripts/vortex/login-container-registry.sh
- scripts/vortex/download-db-container-registry.sh
- scripts/vortex/export-db-file.sh
- scripts/vortex/doctor.sh
- scripts/vortex/notify-webhook.sh
- scripts/vortex/upload-db-s3.sh
- scripts/vortex/provision.sh
- scripts/vortex/notify-jira.sh
- scripts/vortex/download-db.sh
- scripts/vortex/info.sh
- scripts/vortex/task-copy-db-acquia.sh
- scripts/vortex/task-purge-cache-acquia.sh
- scripts/vortex/export-db-image.sh
- scripts/vortex/export-db.sh
- scripts/vortex/deploy-artifact.sh
- scripts/vortex/notify-email.sh
- scripts/vortex/task-custom-lagoon.sh
- scripts/vortex/deploy-webhook.sh
- scripts/vortex/notify.sh
- scripts/vortex/notify-slack.sh
- scripts/vortex/download-db-ftp.sh
- scripts/vortex/provision-sanitize-db.sh
- scripts/vortex/deploy-container-registry.sh
- scripts/vortex/notify-github.sh
- scripts/vortex/mirror-code.sh
- scripts/vortex/download-db-curl.sh
- scripts/vortex/download-db-url.sh
- scripts/vortex/github-labels.sh
- scripts/vortex/deploy-lagoon.sh
- scripts/vortex/reset.sh
- scripts/vortex/task-copy-files-acquia.sh
| # Ignore all Claude files by default. Custom files should be added explicitly. | ||
| !.claude | ||
| .claude/* | ||
| !.claude/settings.json |
There was a problem hiding this comment.
🧹 Nitpick | 🔵 Trivial | 💤 Low value
Optional: Remove redundant un-ignore directive.
The !.claude directive on line 45 is redundant. Since .claude itself is not ignored (only its contents via .claude/*), the un-ignore directive has no effect. The pattern works correctly without it and would be consistent with the recipes/* pattern above (line 42).
♻️ Optional cleanup
# Ignore all Claude files by default. Custom files should be added explicitly.
-!.claude
.claude/*
!.claude/settings.json🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In @.gitignore around lines 44 - 47, Remove the redundant un-ignore directive
“!.claude”: since only “.claude/*” is ignored, “.claude” itself isn’t ignored so
the “!.claude” line has no effect; delete the “!.claude” entry and keep
“.claude/*” and “!.claude/settings.json” as-is to match the existing pattern
used for “recipes/*”.
There was a problem hiding this comment.
Not adopting in this PR. The three-line block (!.claude / .claude/* / !.claude/settings.json) is what Vortex ships in its .gitignore scaffold (#2514). Although !.claude on its own appears no-op against this file alone, it is intentionally defensive against a parent or global .gitignore that might ignore .claude outright - removing the un-ignore would silently break tracking for that case. Keeping in sync with the upstream Vortex shape so future updates do not surface a phantom diff here.
There was a problem hiding this comment.
@AlexSkrypnyk, understood — thanks for the clear rationale. The defensive !.claude pattern makes sense when a parent or global .gitignore could suppress .claude entirely, and keeping it aligned with the upstream Vortex scaffold (#2514) is a good reason to leave it as-is. I'll note this for future reviews.
✏️ Learnings added
Learnt from: AlexSkrypnyk
Repo: drevops/website PR: 177
File: .gitignore:44-47
Timestamp: 2026-05-31T23:56:46.457Z
Learning: In Vortex-based projects (e.g., drevops/website), the three-line block `!.claude` / `.claude/*` / `!.claude/settings.json` in `.gitignore` is the intentional upstream Vortex scaffold pattern (see Vortex `#2514`). The `!.claude` line is deliberately kept as a defensive un-ignore in case a parent or global `.gitignore` ignores `.claude` outright; it should NOT be flagged as redundant or removed, as doing so would break tracking in that scenario and cause phantom diffs on future Vortex updates.
Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.
…re' to CivicTheme baseline.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
| [ "${VORTEX_DEBUG-}" = "1" ] && set -x | ||
|
|
||
| # Already installed - nothing to do. | ||
| if [ -d ./vendor/drevops/vortex-tooling ]; then |
There was a problem hiding this comment.
Vortex 69de37c: drevops/vortex#2505
This file is part of the scripts/vortex/ -> drevops/vortex-tooling Composer package migration. Host-side recipes (ahoy download-db, ahoy doctor, ahoy deploy, etc.) need the Vortex shell helpers BEFORE composer install has been run for the project's full dependency tree. This script installs only drevops/vortex-tooling into vendor/drevops/ via a throwaway vendor-temp/ Composer project. The early [ -d ./vendor/drevops/vortex-tooling ] check makes it idempotent, so subsequent invocations are no-ops.
| # available in vendor/. Installs just the tooling (not the full dep tree) | ||
| # so commands like 'ahoy download-db' work on a fresh clone before a full | ||
| # 'composer install' has run. | ||
| require-tooling: |
There was a problem hiding this comment.
Vortex 69de37c: drevops/vortex#2505
New internal require-tooling command that runs scripts/vortex-tooling.sh. It is called from download-db, provision, export-db, deploy, doctor, and update-vortex so each of those commands self-bootstraps the Vortex tooling package before invoking its ./vendor/drevops/vortex-tooling/src/* binary. On a fresh clone this is what makes ahoy download-db work without a prior ahoy composer install.
| download-db: | ||
| usage: Download database. Run with "--fresh" option to force fresh database backup. | ||
| aliases: [fetch-db] | ||
| aliases: [fetch-db, db-download, db-fetch] |
There was a problem hiding this comment.
Vortex 69de37c: drevops/vortex#2510
Across this .ahoy.yml Vortex added cross-tool aliases for nearly every command (build -> rebuild, info -> status / describe / ps, down -> destroy, cli -> ssh / shell, download-db -> fetch-db / db-download / db-fetch, export-db -> db-export / db-dump / dump-db, import-db -> db-import, reset -> prune / delete, test -> phpunit, debug -> xdebug, doctor -> diagnose / health, plus the FE variants). The aim is to let muscle memory from other dev tools (docker compose, make, etc.) work here too. Nothing existing is renamed, so existing scripts continue to work.
| continue-on-error: ${{ vars.VORTEX_CI_COMPOSER_VALIDATE_IGNORE_FAILURE == '1' }} | ||
|
|
||
| - name: Install Vortex tooling | ||
| run: ./scripts/vortex-tooling.sh |
There was a problem hiding this comment.
Vortex 69de37c: drevops/vortex#2505
This Install Vortex tooling step (added to all four jobs that need the helpers) runs the new scripts/vortex-tooling.sh to install drevops/vortex-tooling into vendor/drevops/. CI runs the step explicitly because each job uses a fresh container and needs the Vortex shell binaries (download-db, provision, export-db, login-container-registry, deploy) before they are invoked further down. Local runs go through Ahoy and get the same bootstrap via ahoy require-tooling.
| # The .env file (and other environment files) is copied into the image, as it | ||
| # may be needed by Composer scripts to access additional variables. | ||
| COPY composer.json composer.* .env* auth* /app/ | ||
| COPY composer.json composer.* patches.lock.* .env* auth* /app/ |
There was a problem hiding this comment.
Vortex 69de37c: drevops/vortex#2532
The CLI image now copies patches.lock.* alongside composer.json / composer.lock. patches.lock.json is produced by cweagans/composer-patches v2 and pins exact patch versions/hashes so the in-container composer install applies the same patch set the host resolved. Without this line the container would re-resolve patches and could end up out of sync with the host lockfile.
d14e937 to
92dd517
Compare
This comment has been minimized.
This comment has been minimized.
1 similar comment
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.env:
- Around line 206-207: The inline comment listing allowed notification channels
is out of sync with the configured value: update the comment that currently
lists "email,slack,newrelic,github,jira,webhook" to also include "diffy" so it
matches the VORTEX_NOTIFY_CHANNELS value and supported channel set; locate the
comment near the VORTEX_NOTIFY_CHANNELS variable and add "diffy" to the
documented list.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
…els comment in '.env'.
This comment has been minimized.
This comment has been minimized.
…w from Vortex '69de37c'.
|
Code coverage (threshold: 80%) Per-class coverage |
Vortex 1.38.0 → 1.39.0 - Impact Summary
Pinned at commit
69de37c- the upcoming1.39.0release ofdrevops/vortex(still draft upstream at the time of this PR).Key highlights: Vortex's shell tooling moved out of the in-repo
scripts/vortex/directory and into a new Composer package,drevops/vortex-tooling, installed undervendor/drevops/. The Lagoon container images and CI runner image were bumped (Lagoon26.4.0→26.5.1, ci-runner26.3.0→26.5.0).drevops/behat-stepswas bumped from^3.8.0to^3.9.0to adopt the newAccessibilityTrait+accessibility.featurescaffold Vortex ships.diffywas added as a notification channel to enable visual-regression notifications.Overall impact: Daily commands (
ahoy build,ahoy download-db,ahoy deploy,ahoy doctor, etc.) keep their names but now call the newvendor/drevops/vortex-tooling/src/*binaries via arequire-toolingstep that installs the package on demand, so the first time those commands run on a fresh clone you'll see a short tooling bootstrap. CI workflows do the same on each job (./scripts/vortex-tooling.shstep). No project-side breaking change is expected for normal local development - all build, unit-test, lint, Behat, and deploy gates pass on this branch.Vortex Update
Provisioning and tooling
scripts/vortex/into a Composer packagedrevops/vortex-tooling, installed undervendor/drevops/vortex-tooling/src/(#2505). All 39scripts/vortex/*.shfiles in this repo were removed; callers (Ahoy, Lagoon, CI) now invoke./vendor/drevops/vortex-tooling/src/<name>(no.shsuffix). A newscripts/vortex-tooling.shhelper installs the package on demand before a fullcomposer installhas run (idempotent ifvendor/drevops/vortex-tooling/already exists).require-toolinginternal Ahoy command that runsscripts/vortex-tooling.shand is invoked fromahoy download-db,ahoy export-db,ahoy deploy,ahoy doctor,ahoy update-vortexso they self-bootstrap the tooling.notify-slack.shandnotify-newrelic.sh) are NOT preserved by the migration. Upstream issues need to be raised to re-add (a)pre_deployment-aware Slack payload behaviour, and (b) aVORTEX_NOTIFY_NEWRELIC_ENABLEDearly-exit gate. See.artifacts/vortex-update-69de37c/decisions.md.Ahoy
rebuild(build),status/describe/ps(info),destroy(down),ssh/shell(cli),fetch-db/db-download/db-fetch(download-db),db-export/db-dump/dump-db(export-db),db-import(import-db),prune/delete(reset),fe-install/fe-build/fe-build-dev/fe-watch(front-end commands),phpunit(test),xdebug(debug),diagnose/health(doctor).download-db --freshnow also setsVORTEX_DOWNLOAD_DB_FORCE=1so existing cached DB files are overwritten.ahoy resetnow no-ops gracefully when the new tooling has not yet been installed.CI workflows
Install Vortex toolingstep to every job inbuild-test-deploy.ymlthat needs the helpers - runs./scripts/vortex-tooling.shbefore any./vendor/drevops/vortex-tooling/src/*call.scripts/vortex/*.shinvocations in workflows rewritten to./vendor/drevops/vortex-tooling/src/*.drevops/ci-runner:26.3.0todrevops/ci-runner:26.5.0(#2501, #2515).release-drafter/release-drafterv7.2.0 → v7.3.1 (#2511),eps1lon/actions-label-merge-conflictv3.0.3 → v3.1.0 (#2517),renovatebot/github-actionv46.1.11 → v46.1.14 (#2490),codecov/codecov-actiondigest refresh (#2493),mxschmitt/action-tmatedigest refresh (#2530).enable_terminalworkflow_dispatch input description clarified to "Enable terminal session for CI jobs" (#2504).v26.4.0-db11-...tov26.5.1-db11-...(six occurrences inbuild-test-deploy.yml) so the MySQL image tag bump (26.4.0→26.5.1) invalidates the existing cache instead of reusing it.Testing
behat.ymlwas the target of #2523 ("renamedregion_maptoregionsand nested message selectors"). The project's baseline already usesregions:(the rename was applied in an earlier update), so there is no structural change to take. Vortex's new generic region/selector values (header: '#header',.region.region--*,.messageswithout CivicTheme variants) were NOT adopted because they do not match this site's CivicTheme-rendered DOM. The project's CivicTheme regions and message selectors are preserved verbatim, along with the matchingtests/behat/features/behat.featurescenarios.drevops/behat-stepsbumped^3.8.0→^3.9.0(#2527) to enable the newAccessibilityTraitused bytests/behat/bootstrap/FeatureContext.phpand exercised by the new@a11y-taggedtests/behat/features/accessibility.featurescenario.@javascripttag added to the screenshot scenario intests/behat/features/behat.featureso it runs against a real browser (paired with the same Vortex PR above).docs/testing.mdsnippet syntax modernised fromGiven "x" terms:toGiven the following "x" terms:to match the behat-steps 3.9 grammar.Notifications
diffyadded toVORTEX_NOTIFY_CHANNELSin.envso visual-regression notifications from Diffy reach the configured email/Slack/GitHub channels alongside the existing event types. The documented allowed-channels comment was updated to includediffyso the inline reference stays in sync with the configured value.Hosting / Lagoon
26.4.0to26.5.1across all Dockerfiles (#2515). Affectscli,php,nginx-drupal,database,solr,clamav..lagoon.ymltasks now call./vendor/drevops/vortex-tooling/src/notify,./vendor/drevops/vortex-tooling/src/export-db-file,./vendor/drevops/vortex-tooling/src/download-db,./vendor/drevops/vortex-tooling/src/provisioninstead of./scripts/vortex/*.shcounterparts.monitoring_urls:blocks per env and a new top-levelroutes: insecure: Redirect. Both additions were rejected in this PR - the project keeps only its existing explicitroutes:(drevops.com / www.drevops.com formain, dev.drevops.com fordevelop) so production routing is preserved without enrolling the domains in Vortex-default monitoring or insecure-redirect handling.VORTEX_DOWNLOAD_DB_ENVIRONMENTdefault changed tomainfor Lagoon DB source (#2502) so prod-DB downloads work without setting the env explicitly.Composer scaffold
cli.dockerfilenowCOPYspatches.lock.*into the CLI container (#2532)..dockerignorewhitelist now includespatches.lock.json(#2531).Documentation / AGENTS
AGENTS.mdCritical Rules updated: "Never modify shipped scripts atvendor/drevops/vortex-tooling/src/- use patches viacweagans/composer-patches, or add your own scripts underscripts/custom/" (was: "Never modifyscripts/vortex/...")..gitignorenow ships a.claude/ignore block with!.claude/settings.jsonallow-list..claude/settings.jsonadded withBash(ahoy:*)allow-list so Claude Code runs ahoy commands locally without per-command prompts; tracked because of the new.gitignoreallowlist.Dependency Updates
Composer
Added
drevops/vortex-tooling1.0.0- new in-vendor scaffold tooling package.Constraint changes (composer.json)
drevops/behat-steps:^3.8.0→^3.9.0(required by theAccessibilityTraitadoption above).drush/drush^13.7.2→^13.7.3,phpstan/phpstan^2.1.54→^2.2.1,rector/rector^2.4.2→^2.4.5,palantirnet/drupal-rector^0.21.1→^0.21.2,drupal/pathauto^1.14→^1.15.0, etc.) are NOT applied in this PR. Per the skill, those are out of scope for a Vortex update and will be picked up in a follow-on/update-consumer-drupalrun.Lock-only refreshes (composer.lock)
These were resolved within existing constraints when the lock was regenerated to include
drevops/vortex-tooling:drupal/core:11.3.10→11.3.11drupal/core-composer-scaffold:11.3.10→11.3.11drupal/core-recommended:11.3.10→11.3.11symfony/string:v7.4.11→v7.4.13symfony/console:v7.4.11→v7.4.13symfony/yaml:v7.4.12→v7.4.13symfony/dependency-injection:v7.4.10→v7.4.13symfony/process:v7.4.11→v7.4.13symfony/routing:v7.4.12→v7.4.13symfony/http-foundation:v7.4.8→v7.4.13symfony/mime:v7.4.12→v7.4.13symfony/http-kernel:v7.4.12→v7.4.13symfony/polyfill-php81:v1.37.0→v1.38.1symfony/polyfill-php83:v1.37.0→v1.38.1symfony/polyfill-intl-idn:v1.37.0→v1.38.1twig/twig:v3.26.0→v3.27.0guzzlehttp/guzzle:7.10.2→7.10.5Node
No
package.jsonchanges.How to test
Locally
feature/update-vortex-69de37c).ahoy build- confirm the site builds end-to-end. The first run will print "Install Vortex tooling" lines asscripts/vortex-tooling.shpopulatesvendor/drevops/vortex-tooling/.ahoy download-db --fresh,ahoy export-db,ahoy doctor, andahoy update-vortexstill succeed - each will call the newrequire-toolinghelper.CI
Hosting
develop) and watch the post-rollout logs:notify,download-db,provision,export-db-file, and the post-deploymentnotifyshould all run via the new./vendor/drevops/vortex-tooling/src/*paths.