Add COPY statements to data manager Dockerfile

[forstmeier]

Overview

Changes

• add COPY statements for Cargo file resources

Comments

Another fix for the datamanager service.

Summary by CodeRabbit

• Chores
  • Updated build process to stage dependency files earlier for more reliable compilation and caching.
  • Changed Docker build behavior to emit the image as an output artifact rather than automatically loading it into the local daemon.
  • Expanded filesystem ignore rules to include the etc/ directory.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

This pull request adds etc/ to .gitignore, updates applications/datamanager/Dockerfile to COPY root Cargo.toml, Cargo.lock, applications/datamanager/Cargo.toml, and applications/datamanager/src/ into the builder stage before running cargo build, and changes a Docker build invocation in maskfile.md to emit the image via --output type=docker instead of loading it into the local daemon with --load.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant Dev/CI as Dev/CI
    participant Buildx as Buildx (docker buildx)
    participant FS as Build Context (repo files)
    participant Artifact as Output (tar/image)

    rect rgba(200,230,255,0.25)
    Note over Dev/CI,Buildx: New build invocation uses --output type=docker\nand Dockerfile copies dependency manifests before build
    end

    Dev/CI->>Buildx: docker buildx build --output type=docker ...
    Buildx->>FS: READ Cargo.toml, Cargo.lock, applications/datamanager/Cargo.toml, src/
    Buildx->>Buildx: execute multi-stage build (builder stage: cargo build)
    Buildx->>Artifact: write image artifact to specified output
    Note right of Artifact: Image emitted as artifact (not loaded into daemon)

Loading

Possibly related PRs

• Add service image build performance improvements #647: Modifies applications/datamanager/Dockerfile — related to the same Dockerfile COPY/caching changes.
• Add missing Cargo.toml file and Flox resources #627: Adds root Cargo workspace and registers the datamanager crate — related to added Cargo.toml/Cargo.lock handling in the Dockerfile.
• Update logic to handle Cargo caching in GitHub Actions #659: Changes buildx invocation flags for CI caching/output — related to swapping --load for --output type=docker.

Pre-merge checks

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title mentions adding COPY statements to the Dockerfile, which is the main change in applications/datamanager/Dockerfile, but the changeset also includes modifications to .gitignore and maskfile.md, including a Docker build output flag change mentioned in the commit message.	Update the title to reflect all significant changes or focus on the primary impact, such as 'Fix datamanager Docker build and output handling' or 'Update datamanager Dockerfile COPY statements and build flags'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR adds missing COPY statements to the data manager Dockerfile to ensure Cargo manifest files are available during the build process.

Key Changes:

• Added COPY statements for Cargo.toml and Cargo.lock files at workspace and application levels

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[pulumi]

🚀 The Update (preview) for forstmeier/pocketsizefund/production (at e0c3f61) was successful.

✨ Neo Explanation

Initial production deployment of a microservices-based fund management system, creating complete AWS infrastructure including networking, ECS container platform, load balancing, and three application services with service discovery.

Root Cause Analysis

This deployment was triggered by a code change in the repository. The developer has defined a complete infrastructure-as-code setup for a production environment of the "pocketsizefund" application, deploying a microservices architecture on AWS ECS with three services: datamanager, equitypricemodel, and portfoliomanager.

Dependency Chain

The infrastructure builds from the ground up in this sequence:

1. Network Foundation: A VPC is created first, which enables all subnets (2 public, 2 private across availability zones) to be provisioned
2. Internet Connectivity: The Internet Gateway and NAT Gateway (with Elastic IP) are established to provide outbound internet access for private subnets
3. Security & Routing: Security groups define traffic rules, route tables configure network paths, and VPC endpoints enable private AWS service access (ECR, S3)
4. Compute Platform: The ECS cluster is created as the container orchestration foundation
5. Service Layer: IAM roles provide permissions, task definitions specify container configurations, and ECS services launch the three microservices
6. Load Balancing: An Application Load Balancer with target groups and listener rules routes external traffic to datamanager and portfoliomanager services
7. Service Discovery: A private DNS namespace enables internal service-to-service communication

Risk analysis

Low Risk - This is a greenfield deployment creating all new resources. No existing infrastructure is being modified or replaced.

Resource Changes

    Name                           Type                                                 Operation
+   execution_role_policy          aws:iam/rolePolicyAttachment:RolePolicyAttachment    create
+   ecs_egress                     aws:ec2/securityGroupRule:SecurityGroupRule          create
+   equitypricemodel_sd            aws:servicediscovery/service:Service                 create
+   portfoliomanager_sd            aws:servicediscovery/service:Service                 create
+   private_subnet_1_rta           aws:ec2/routeTableAssociation:RouteTableAssociation  create
+   ecr_api_endpoint               aws:ec2/vpcEndpoint:VpcEndpoint                      create
+   portfoliomanager_service       aws:ecs/service:Service                              create
+   igw                            aws:ec2/internetGateway:InternetGateway              create
+   public_subnet_2                aws:ec2/subnet:Subnet                                create
+   public_subnet_1                aws:ec2/subnet:Subnet                                create
+   portfoliomanager_tg            aws:lb/targetGroup:TargetGroup                       create
+   datamanager_logs               aws:cloudwatch/logGroup:LogGroup                     create
+   datamanager_sd                 aws:servicediscovery/service:Service                 create
+   private_subnet_2_rta           aws:ec2/routeTableAssociation:RouteTableAssociation  create
+   equitypricemodel_service       aws:ecs/service:Service                              create
+   pocketsizefund-production      pulumi:pulumi:Stack                                  create
+   private_route_table            aws:ec2/routeTable:RouteTable                        create
+   equitypricemodel_logs          aws:cloudwatch/logGroup:LogGroup                     create
+   task_role_s3_policy            aws:iam/rolePolicy:RolePolicy                        create
+   public_internet_route          aws:ec2/route:Route                                  create
+   ecs_self_ingress               aws:ec2/securityGroupRule:SecurityGroupRule          create
+   portfoliomanager_task          aws:ecs/taskDefinition:TaskDefinition                create
+   vpc                            aws:ec2/vpc:Vpc                                      create
+   private_subnet_2               aws:ec2/subnet:Subnet                                create
+   alb_sg                         aws:ec2/securityGroup:SecurityGroup                  create
+   vpc_endpoints_sg               aws:ec2/securityGroup:SecurityGroup                  create
+   public_subnet_1_rta            aws:ec2/routeTableAssociation:RouteTableAssociation  create
+   ecs_from_alb                   aws:ec2/securityGroupRule:SecurityGroupRule          create
+   alb                            aws:lb/loadBalancer:LoadBalancer                     create
+   portfoliomanager_rule          aws:lb/listenerRule:ListenerRule                     create
+   private_subnet_1               aws:ec2/subnet:Subnet                                create
+   ecs_sg                         aws:ec2/securityGroup:SecurityGroup                  create
+   execution_role_secrets_policy  aws:iam/rolePolicy:RolePolicy                        create
+   datamanager_rule               aws:lb/listenerRule:ListenerRule                     create
+   datamanager_service            aws:ecs/service:Service                              create
+   execution_role                 aws:iam/role:Role                                    create
+   datamanager_tg                 aws:lb/targetGroup:TargetGroup                       create
+   portfoliomanager_logs          aws:cloudwatch/logGroup:LogGroup                     create
+   nat_gateway                    aws:ec2/natGateway:NatGateway                        create
+   vpc_endpoints_ingress          aws:ec2/securityGroupRule:SecurityGroupRule          create
+   s3_gateway_endpoint            aws:ec2/vpcEndpoint:VpcEndpoint                      create
... and 12 other changes

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In @maskfile.md:
- Line 101: The Docker build flag was changed to "--output type=docker", which
writes a tarball to stdout and prevents the image from being loaded into the
local daemon for the immediate "docker push"; revert that flag back to "--load"
so the single-platform build (e.g., with "--platform linux/amd64") loads the
image into the local Docker daemon and the subsequent "docker push" can find the
manifest.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e0c3f61 and ad8c047.

📒 Files selected for processing (1)

• maskfile.md

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Run Rust code checks

[Copilot]

Pull request overview

Copilot reviewed 1 out of 2 changed files in this pull request and generated no new comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.