fix: enable bootstrap admin by default for zero-config quickstart #175
Merged
fix: enable bootstrap admin by default for zero-config quickstart #175
Conversation
vsxd
requested changes
Mar 27, 2026
Collaborator
vsxd
left a comment
vsxd
left a comment
There was a problem hiding this comment.
false是默认配置,如果需要bootstrap管理员账户可以手动修改环境变量配置
The release template now ships with BOOTSTRAP_ADMIN_ENABLED=true and password ChangeMe!2026, so zero-config quickstart works out of the box. Update all docs to reflect the new defaults and add a validation guard requiring non-empty password when bootstrap admin is enabled.
- README/README_zh: split bootstrap admin description per scenario, remove release template details from local dev section - quick-start (zh/en): restructure into two subsections with correct ports and user info for each startup method - 09-deployment: fix stale "默认关闭" wording
- Add scanner service with health check and LLM config support - Enable scanner by default (SKILLHUB_SECURITY_SCANNER_ENABLED=true) - Add SKILLHUB_SCANNER_IMAGE to .env.release.example - Update runtime.sh to support --scanner-image and aliyun mirror mapping
Add SKILLHUB_SECURITY_SCANNER_ENABLED and LLM config options for visibility and user control. Scanner is enabled by default but can be disabled if needed.
- Add 'with-scanner' profile to scanner service in compose.release.yml - Scanner service won't start by default (no image pull failure) - Set SKILLHUB_SECURITY_SCANNER_ENABLED=false by default - Comment out SKILLHUB_SCANNER_IMAGE in .env.release.example - Remove auto scanner image mapping in runtime.sh --aliyun mode - Users can enable scanner when image is ready by: 1. Uncommenting SKILLHUB_SCANNER_IMAGE in .env.release 2. Setting SKILLHUB_SECURITY_SCANNER_ENABLED=true 3. Running: docker compose --profile with-scanner up -d
Scanner service will attempt to start by default. If image doesn't exist, only scanner service fails while other services (server, web, postgres, redis) continue to work normally. This allows zero-config deployment to work and scanner will auto-start once image is available.
- Remove scanner service definition (image not available yet) - Remove scanner-related env vars from server service - Keep SKILLHUB_SECURITY_SCANNER_ENABLED=false in server config - Remove scanner image config from .env.release.example - Remove --scanner-image flag and logic from runtime.sh - Scanner can be added back when image is ready
vsxd
approved these changes
Mar 27, 2026
wuchunfu
pushed a commit
to itsharex/skillhub
that referenced
this pull request
Apr 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
fix: enable bootstrap admin by default for zero-config quickstart
Summary
compose.release.yml 和 application.yml 中的 fallback 保持一致)
Motivation
通过 runtime.sh up 零配置部署后,用户无法登录:
改动后 runtime.sh 快速启动即可用 admin / ChangeMe!2026 登录。
Safety
生产部署仍受 validate-release-config.sh 保护——该脚本会拒绝 ChangeMe!2026
作为密码,强制用户设置强密码。runtime.sh 流程不调用此校验,两条路径互不影响。
Test plan