chore: dev from dump improvement

[chedieck]

Description

• Fix make dev-from-dump workflow to spin up a local dev env with a prod database dump
• Named Docker volume for DB so the long import only happens once
• pv progress bar during dump import
• Skips prisma migrations (uses migrate deploy since dump already has schema + migration history)
• Skips cache rebuild in dev-from-dump (prevents MariaDB I/O saturation)
• Pages load in seconds instead of hanging for minutes with prod-sized data

New make targets

• make stop-dev-from-dump — stop without losing DB
• make reset-dev-from-dump — full restart
• make reset-dev-from-dump-keep-db — restart dev container only, DB stays
• make nuke-dev-from-dump — destroy everything including DB volume

Remarks

• Requires a dump.sql in the repo root (from mariadb-dump on prod)
• First run takes 15-30 min (importing 2.6GB dump). Subsequent runs are instant

Test Plan

1. Place a prod dump.sql in root
2. make dev-from-dump — watch db logs for pv progress
3. Once done, navigate to localhost:3000 — dashboard, payments, buttons, wallets should all load within seconds
4. make stop-dev-from-dump && make dev-from-dump — should skip import (instant start)
5. make nuke-dev-from-dump && make dev-from-dump — should reimport from scratch

Summary by CodeRabbit

• Chores

  • Added development commands and Docker Compose support for dump-based workflows; new env flags to enable dump mode and skip cache rebuild.
  • Persisted dump-based database data to a named volume.
  • Updated ignore rules to exclude a runtime file.

• Performance

  • Optionally skip cache rebuild to speed startup when using database dumps.

• Usability

  • Improved database import with progress reporting and more robust startup behavior for migrations/seeding.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR adds a "dev-from-dump" mode that initializes app state from database dumps: environment flags and Makefile targets, a dump-aware Docker Compose with a persistent DB volume, dump import scripting with progress streaming, and runtime changes to skip cache rebuilds and run production-style Prisma migrations.

Changes

Dev-from-dump Development Workflow

Layer / File(s)	Summary
Environment and orchestration setup .env.from-dump, Makefile, docker-compose-from-dump.yml, .gitignore	Adds FROM_DUMP=true and SKIP_CACHE_REBUILD=true to .env.from-dump. Adds Make targets stop-dev-from-dump, reset-dev-from-dump, reset-dev-from-dump-keep-db, and nuke-dev-from-dump that operate with docker-compose-from-dump.yml. Compose mounts a named volume paybutton-dump-db-data to persist /var/lib/mysql. Adds .forever to .gitignore.
Database dump import infrastructure scripts/db/Dockerfile, scripts/db-entrypoint.sh	Installs pv in the DB image. Entrypoint separates dump vs non-dump SQL: dump files are symlinked and streamed through pv with size reporting (stat + numfmt), while non-dump SQL undergoes envsubst and is imported normally.
Application behavior for FROM_DUMP mode scripts/paybutton-server-start.sh, redis/paymentCache.ts	When FROM_DUMP=true (or ENVIRONMENT=production) the startup runs prisma migrate deploy + prisma generate; otherwise it runs prisma migrate dev + prisma db seed. pm2 jobs and WSServer start after Prisma. Payment cache rebuild logic in getPaymentList, initPaymentCache, and getPaymentStream is skipped when SKIP_CACHE_REBUILD is set.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• PayButton/paybutton-server#1111: Both PRs modify scripts/paybutton-server-start.sh to update Prisma migration behavior by running prisma migrate deploy and prisma generate in the production/from-dump path.

Suggested labels

enhancement (development)

Suggested reviewers

• Fabcien

Poem

🐰 I hopped in with a dump and a grin so wide,
No seeds to sow — the snapshot's by my side.
pv hums softly as the SQL streams through,
Cache rebuilds nap while migrations do.
A rabbit-approved restart — quick, steady, true.

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'chore: dev from dump improvement' is vague and generic, lacking specificity about what improvements are made to the dev-from-dump workflow.	Use a more specific title that captures the main improvements, such as 'chore: improve dev-from-dump with persistent volumes and cache skipping' or similar.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description is comprehensive and well-structured, covering the main objectives, new make targets, implementation details, and a detailed test plan aligned with the template structure.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/dev-from-dump-improvement

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docker-compose-from-dump.yml (1)

10-11: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Include the base .env/.env.local in paybutton (or ensure prod loads dotenv)

• docker-compose-from-dump.yml sets paybutton to only env_file: - .env.from-dump, while scripts/paybutton-server-start.sh sources .env / .env.local in sh.
• .env uses plain KEY=... assignments (no export), so those values aren’t reliably inherited by PM2 child processes.
• yarn prisma and the dev/init scripts load .env via dotenv-cli, but ENVIRONMENT=production runs yarn prod, which does not load dotenv; .env.local overrides also won’t be applied to those children.

Suggested fix

   env_file:
+    - .env
+    - .env.local
     - .env.from-dump

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docker-compose-from-dump.yml` around lines 10 - 11, The paybutton service
only references .env.from-dump which causes production children (PM2 / yarn prod
started by scripts/paybutton-server-start.sh) to miss variables from
.env/.env.local; update the paybutton docker-compose service to include the base
env files (add .env and .env.local to env_file alongside .env.from-dump) or
ensure the startup script/supervisor (scripts/paybutton-server-start.sh / the
PM2 start command invoked) explicitly loads dotenv before launching yarn prod so
that non-exported KEY= values are available to child processes; locate the
paybutton service block in docker-compose-from-dump.yml and the startup in
scripts/paybutton-server-start.sh to apply the change.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@redis/paymentCache.ts`:
- Around line 33-40: The current guard around cache warmup in getPaymentList
prevents the per-address lazy initialization when SKIP_CACHE_REBUILD is set,
causing a first-run cache miss to return an empty payment list; change the logic
so SKIP_CACHE_REBUILD only disables the bulk/warmup path but still iterates
getUserUncachedAddresses and calls CacheSet.addressCreation for each address (so
the DB-backed lazy path runs), updating the same behavior in the corresponding
getPaymentStream area (the code referencing getUserUncachedAddresses,
CacheSet.addressCreation, getCachedPaymentsForUser/getPaymentStream) to ensure
uncached addresses fallback to MariaDB rather than producing an empty result.

In `@scripts/db/Dockerfile`:
- Around line 5-6: The Dockerfile's RUN line uses "apt-get update || echo" and
"apt-get install -y gettext pv || echo" which hides failures and lets the image
build without envsubst/pv causing runtime errors in scripts/db-entrypoint.sh;
remove the "|| echo" fallbacks and make the RUN step fail on error (so apt-get
update and apt-get install return non-zero on failure), ensuring missing
packages like gettext (envsubst) and pv cause the build to fail early and
visibly.

---

Outside diff comments:
In `@docker-compose-from-dump.yml`:
- Around line 10-11: The paybutton service only references .env.from-dump which
causes production children (PM2 / yarn prod started by
scripts/paybutton-server-start.sh) to miss variables from .env/.env.local;
update the paybutton docker-compose service to include the base env files (add
.env and .env.local to env_file alongside .env.from-dump) or ensure the startup
script/supervisor (scripts/paybutton-server-start.sh / the PM2 start command
invoked) explicitly loads dotenv before launching yarn prod so that non-exported
KEY= values are available to child processes; locate the paybutton service block
in docker-compose-from-dump.yml and the startup in
scripts/paybutton-server-start.sh to apply the change.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2ab7adb4-4c1c-4e91-a31f-c56f99442413

📥 Commits

Reviewing files that changed from the base of the PR and between 7d4e91d and 18879a6.

📒 Files selected for processing (8)

• .env.from-dump
• .gitignore
• Makefile
• docker-compose-from-dump.yml
• redis/paymentCache.ts
• scripts/db-entrypoint.sh
• scripts/db/Dockerfile
• scripts/paybutton-server-start.sh

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fail the image build when gettext/pv installation fails.

The || echo clauses swallow apt-get failures, so this image can build without envsubst or pv and then fail much later inside scripts/db-entrypoint.sh. That makes the dump workflow flaky and much harder to diagnose.

Suggested fix

-RUN apt-get update || echo && \
-      apt-get install -y gettext pv || echo
+RUN apt-get update && \
+      apt-get install -y --no-install-recommends gettext pv && \
+      rm -rf /var/lib/apt/lists/*

🧰 Tools

🪛 Trivy (0.69.3)

[error] 5-6: 'apt-get' missing '--no-install-recommends'

'--no-install-recommends' flag is missed: 'apt-get update || echo && apt-get install -y gettext pv || echo'

Rule: DS-0029

Learn more

(IaC/Dockerfile)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/db/Dockerfile` around lines 5 - 6, The Dockerfile's RUN line uses
"apt-get update || echo" and "apt-get install -y gettext pv || echo" which hides
failures and lets the image build without envsubst/pv causing runtime errors in
scripts/db-entrypoint.sh; remove the "|| echo" fallbacks and make the RUN step
fail on error (so apt-get update and apt-get install return non-zero on
failure), ensuring missing packages like gettext (envsubst) and pv cause the
build to fail early and visibly.

[Fabcien]

Not sure I understand the use of || echo here, if the goal is to avoid failures then || true seems more appropriated

[Fabcien]

This is unreachable, you're already in a if [ "$ENVIRONMENT" = "production" ]; branch
Edit: I see this is fixed in the follow up commit. Better squash in this case to make the review easier

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

scripts/db/Dockerfile (1)

5-6: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fail fast when installing required packages.

|| true hides install failures, so the image may build without gettext/pv and then fail during dump import runtime.

Suggested fix

-RUN apt-get update || true && \
-      apt-get install -y gettext pv || true
+RUN apt-get update && \
+      apt-get install -y --no-install-recommends gettext pv && \
+      rm -rf /var/lib/apt/lists/*

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/db/Dockerfile` around lines 5 - 6, The Dockerfile currently masks
failures by appending "|| true" to the apt-get commands; remove those "|| true"
tokens so the build fails on package-install errors and replace the line with a
safe, failing-on-error install such as using apt-get update &&
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends
gettext pv && rm -rf /var/lib/apt/lists/* (keep the RUN instruction that
contains the apt-get update/install sequence).

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/db-entrypoint.sh`:
- Line 27: The echo line uses unquoted $filesize when invoking numfmt which can
cause word-splitting or empty-argument issues; update the call in
scripts/db-entrypoint.sh so numfmt receives a single argument by quoting the
variable (use "$filesize" instead of $filesize) in the echo/numfmt pipeline
where the import message is printed.
- Around line 24-34: The loop that imports SQL files (the for file in *.sql; do
block) ignores failures from the mariadb and pv pipelines and still prints "Done
importing $file", risking partial DB initialization; modify the script to enable
strict failure handling (e.g., set -euo pipefail) or explicitly check the
command exit statuses after each import command (both pv "$file" | mariadb -u
root -p"$MYSQL_ROOT_PASSWORD" and mariadb -u root -p"$MYSQL_ROOT_PASSWORD" <
"$file") and if a command fails, print an error with the file name and exit
non‑zero immediately instead of printing "Done importing $file".

---

Duplicate comments:
In `@scripts/db/Dockerfile`:
- Around line 5-6: The Dockerfile currently masks failures by appending "||
true" to the apt-get commands; remove those "|| true" tokens so the build fails
on package-install errors and replace the line with a safe, failing-on-error
install such as using apt-get update && DEBIAN_FRONTEND=noninteractive apt-get
install -y --no-install-recommends gettext pv && rm -rf /var/lib/apt/lists/*
(keep the RUN instruction that contains the apt-get update/install sequence).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ed7edc70-2290-4b93-8aba-d73c86ff544a

📥 Commits

Reviewing files that changed from the base of the PR and between 18879a6 and d9ba144.

📒 Files selected for processing (8)

• .env.from-dump
• .gitignore
• Makefile
• docker-compose-from-dump.yml
• redis/paymentCache.ts
• scripts/db-entrypoint.sh
• scripts/db/Dockerfile
• scripts/paybutton-server-start.sh

✅ Files skipped from review due to trivial changes (3)

• .gitignore
• docker-compose-from-dump.yml
• Makefile

🚧 Files skipped from review as they are similar to previous changes (2)

• scripts/paybutton-server-start.sh
• redis/paymentCache.ts

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Stop on import errors to avoid partial DB initialization.

This loop continues even if mariadb/pv fails, and still logs Done importing ..., which can leave a partially imported database while returning success.

Suggested fix

+set -euo pipefail
+
 for file in *.sql; do
     if [[ "$file" == *dump* ]]; then
         filesize=$(stat -Lc%s "$file" 2>/dev/null || stat -Lf%z "$file" 2>/dev/null)
         echo "Importing $file ($(numfmt --to=iec $filesize)) ..."
-        pv "$file" | mariadb -u root -p"$MYSQL_ROOT_PASSWORD"
+        pv "$file" | mariadb -u root -p"$MYSQL_ROOT_PASSWORD"
     else
         echo "Importing $file ..."
         mariadb -u root -p"$MYSQL_ROOT_PASSWORD" < "$file"
     fi
     echo "Done importing $file"
 done

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	for file in *.sql; do
	mariadb -u root -p"$MYSQL_ROOT_PASSWORD" < "$file"
	if [[ "$file" == *dump* ]]; then
	filesize=$(stat -Lc%s "$file" 2>/dev/null || stat -Lf%z "$file" 2>/dev/null)
	echo "Importing $file ($(numfmt --to=iec $filesize)) ..."
	pv "$file" | mariadb -u root -p"$MYSQL_ROOT_PASSWORD"
	else
	echo "Importing $file ..."
	mariadb -u root -p"$MYSQL_ROOT_PASSWORD" < "$file"
	fi
	echo "Done importing $file"
	done
	set -euo pipefail
	for file in *.sql; do
	if [[ "$file" == *dump* ]]; then
	filesize=$(stat -Lc%s "$file" 2>/dev/null || stat -Lf%z "$file" 2>/dev/null)
	echo "Importing $file ($(numfmt --to=iec $filesize)) ..."
	pv "$file" | mariadb -u root -p"$MYSQL_ROOT_PASSWORD"
	else
	echo "Importing $file ..."
	mariadb -u root -p"$MYSQL_ROOT_PASSWORD" < "$file"
	fi
	echo "Done importing $file"
	done

🧰 Tools

🪛 Shellcheck (0.11.0)

[info] 27-27: Double quote to prevent globbing and word splitting.

(SC2086)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/db-entrypoint.sh` around lines 24 - 34, The loop that imports SQL
files (the for file in *.sql; do block) ignores failures from the mariadb and pv
pipelines and still prints "Done importing $file", risking partial DB
initialization; modify the script to enable strict failure handling (e.g., set
-euo pipefail) or explicitly check the command exit statuses after each import
command (both pv "$file" | mariadb -u root -p"$MYSQL_ROOT_PASSWORD" and mariadb
-u root -p"$MYSQL_ROOT_PASSWORD" < "$file") and if a command fails, print an
error with the file name and exit non‑zero immediately instead of printing "Done
importing $file".

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Quote filesize when calling numfmt.

Unquoted $filesize can trigger argument-splitting/empty-arg behavior; quote it to keep parsing deterministic.

Suggested fix

-        echo "Importing $file ($(numfmt --to=iec $filesize)) ..."
+        echo "Importing $file ($(numfmt --to=iec "$filesize")) ..."

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	echo "Importing $file ($(numfmt --to=iec $filesize)) ..."
	echo "Importing $file ($(numfmt --to=iec "$filesize")) ..."

🧰 Tools

🪛 Shellcheck (0.11.0)

[info] 27-27: Double quote to prevent globbing and word splitting.

(SC2086)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/db-entrypoint.sh` at line 27, The echo line uses unquoted $filesize
when invoking numfmt which can cause word-splitting or empty-argument issues;
update the call in scripts/db-entrypoint.sh so numfmt receives a single argument
by quoting the variable (use "$filesize" instead of $filesize) in the
echo/numfmt pipeline where the import message is printed.

Source: Linters/SAST tools