Skip to content

fix: upgraded version of docling#1995

Merged
lucaseduoli merged 16 commits into
mainfrom
fix/upgrade_docling
Jul 3, 2026
Merged

fix: upgraded version of docling#1995
lucaseduoli merged 16 commits into
mainfrom
fix/upgrade_docling

Conversation

@lucaseduoli

@lucaseduoli lucaseduoli commented Jul 1, 2026

Copy link
Copy Markdown
Collaborator

This pull request updates the dependencies and configuration used to launch the Docling server, ensuring compatibility with newer versions and Python 3.13.

Dependency and configuration updates:

  • Updated the Python version used by the uvx command to 3.13 for improved compatibility and future-proofing.
  • Upgraded docling-serve[ui] from version 1.20.0 to 1.26.0, docling from 2.95.0 to 2.108.0, and docling-core from 2.77.1 to 2.85.0 to include the latest features and bug fixes.
  • Removed the explicit dependency on docling-jobkit==1.20.0, likely because it is no longer required or included transitively.

Summary by CodeRabbit

  • Chores
    • Updated the document-processing service to newer bundled component versions and refreshed how it passes required runtime headers when launching the serving process.
    • Improved CI build performance and reliability by adopting Docker Buildx with deterministic, content-hash caching and adding broader Docker cleanup.
    • Refined integration/e2e log collection to use Compose project-prefixed container names, expanded captured service logs, and added conditional retrieval of the Docling serve log when available.
    • Added a CI helper to compute deterministic content hashes for cache keys.

@lucaseduoli lucaseduoli self-assigned this Jul 1, 2026
@github-actions github-actions Bot added the backend 🔷 Issues related to backend services (OpenSearch, Langflow, APIs) label Jul 1, 2026
@coderabbitai

coderabbitai Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Docling launch now uses updated dependency pins and an explicit environment, CI image builds now use Buildx with caching and Docker pruning, and failure-log collection now targets Compose-prefixed service names while copying the Docling server log when available.

Changes

Docling launch and CI/log collection updates

Layer / File(s) Summary
Update Docling launch pins and env
src/tui/managers/docling_manager.py
The uvx command updates the Docling package pins, removes docling-jobkit, and passes a copied environment with DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER set when absent.
Rework CI image builds and cleanup
.github/workflows/test-ci.yml, Makefile
CI cleanup steps now prune Docker system resources, ci-build-images runs image builds sequentially, and the workflow’s OpenRAG image build path now uses Buildx with cached image tarballs and hash-based cache keys.
Align failure log collection
.github/workflows/test-ci.yml, Makefile, scripts/ci/run_integration_suite.sh
Failure-path log collection now uses Compose-prefixed service/container names and copies ~/.openrag/tui/docling-serve.log into service-logs/docling.log when present.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Possibly related PRs

Suggested labels: refactor

Suggested reviewers: ricofurtado, edwinjosechittilappilly

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title matches the main change: upgrading Docling dependencies and launch configuration.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch fix/upgrade_docling

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 1, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 2, 2026

@edwinjosechittilappilly edwinjosechittilappilly left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@github-actions github-actions Bot added the lgtm label Jul 2, 2026
@github-actions github-actions Bot added ci ⬛ CI/CD, build, and infrastructure issues bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 2, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@Makefile`:
- Around line 1156-1160: The log collection step in the Makefile is writing raw
container output to service-logs without the same secret-masking used by
scripts/ci/run_integration_suite.sh. Update the log capture commands for the
langflow, backend, frontend, opensearch, and docling-serve paths to pass their
output through the existing redact/filter logic before saving, so Bearer tokens,
sk- keys, and OPENSEARCH_PASSWORD are masked consistently. Keep the change
localized to the log-collection target and reuse the same redaction approach
already used in the integration suite script.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4f1e110f-ed6c-4474-95c5-0d382a452eea

📥 Commits

Reviewing files that changed from the base of the PR and between b10ddf0 and a1f8a45.

📒 Files selected for processing (3)
  • .github/workflows/test-ci.yml
  • Makefile
  • scripts/ci/run_integration_suite.sh
✅ Files skipped from review due to trivial changes (1)
  • .github/workflows/test-ci.yml

Comment thread Makefile
Comment on lines +1156 to +1160
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-langflow > service-logs/langflow.log 2>&1 || echo "$(RED)Could not get Langflow logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-backend > service-logs/backend.log 2>&1 || echo "$(RED)Could not get backend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-frontend > service-logs/frontend.log 2>&1 || echo "$(RED)Could not get frontend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-opensearch > service-logs/opensearch.log 2>&1 || echo "$(RED)Could not get OpenSearch logs$(NC)"; \
if [ -f ~/.openrag/tui/docling-serve.log ]; then cp ~/.openrag/tui/docling-serve.log service-logs/docling.log 2>/dev/null || echo "$(RED)Could not get Docling logs$(NC)"; fi; \

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Log collection here doesn't redact secrets, unlike the equivalent script.

scripts/ci/run_integration_suite.sh pipes each docker logs invocation through a redact() filter that masks Bearer tokens, sk- keys, and $OPENSEARCH_PASSWORD before writing to service-logs/. This Makefile path writes raw $(CONTAINER_RUNTIME) logs output directly to service-logs/*.log with no redaction, even though the same target curls OpenSearch with -u admin:$${OPENSEARCH_PASSWORD} (Line 1085/956) and other steps pass API keys as env vars to containers. If these logs are captured as CI artifacts on failure, secrets could leak.

🔒 Align with the redaction used in run_integration_suite.sh
+	redact() { \
+		local pw="$${OPENSEARCH_PASSWORD:-__unset__}"; \
+		pw=$$(printf '%s\n' "$$pw" | sed -E 's/([][\\/.*+?^$|()])/\\\1/g'); \
+		sed -E -e 's/Bearer [A-Za-z0-9._-]+/Bearer **REDACTED**/g' \
+		       -e 's/token=[A-Za-z0-9._-]+/token=**REDACTED**/g' \
+		       -e 's/sk-[A-Za-z0-9._-]+/sk-**REDACTED**/g' \
+		       -e "s/$${pw}/**REDACTED**/g"; \
+	}; \
-		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-langflow > service-logs/langflow.log 2>&1 || echo "$(RED)Could not get Langflow logs$(NC)"; \
-		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-backend > service-logs/backend.log 2>&1 || echo "$(RED)Could not get backend logs$(NC)"; \
-		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-frontend > service-logs/frontend.log 2>&1 || echo "$(RED)Could not get frontend logs$(NC)"; \
-		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-opensearch > service-logs/opensearch.log 2>&1 || echo "$(RED)Could not get OpenSearch logs$(NC)"; \
+		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-langflow 2>&1 | redact > service-logs/langflow.log || echo "$(RED)Could not get Langflow logs$(NC)"; \
+		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-backend 2>&1 | redact > service-logs/backend.log || echo "$(RED)Could not get backend logs$(NC)"; \
+		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-frontend 2>&1 | redact > service-logs/frontend.log || echo "$(RED)Could not get frontend logs$(NC)"; \
+		$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-opensearch 2>&1 | redact > service-logs/opensearch.log || echo "$(RED)Could not get OpenSearch logs$(NC)"; \
-		if [ -f ~/.openrag/tui/docling-serve.log ]; then cp ~/.openrag/tui/docling-serve.log service-logs/docling.log 2>/dev/null || echo "$(RED)Could not get Docling logs$(NC)"; fi; \
+		if [ -f ~/.openrag/tui/docling-serve.log ]; then redact < ~/.openrag/tui/docling-serve.log > service-logs/docling.log 2>/dev/null || echo "$(RED)Could not get Docling logs$(NC)"; fi; \
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-langflow > service-logs/langflow.log 2>&1 || echo "$(RED)Could not get Langflow logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-backend > service-logs/backend.log 2>&1 || echo "$(RED)Could not get backend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-frontend > service-logs/frontend.log 2>&1 || echo "$(RED)Could not get frontend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-opensearch > service-logs/opensearch.log 2>&1 || echo "$(RED)Could not get OpenSearch logs$(NC)"; \
if [ -f ~/.openrag/tui/docling-serve.log ]; then cp ~/.openrag/tui/docling-serve.log service-logs/docling.log 2>/dev/null || echo "$(RED)Could not get Docling logs$(NC)"; fi; \
redact() { \
local pw="$${OPENSEARCH_PASSWORD:-__unset__}"; \
pw=$$(printf '%s\n' "$$pw" | sed -E 's/([][\\/.*+?^$|()])/\\\1/g'); \
sed -E -e 's/Bearer [A-Za-z0-9._-]+/Bearer **REDACTED**/g' \
-e 's/token=[A-Za-z0-9._-]+/token=**REDACTED**/g' \
-e 's/sk-[A-Za-z0-9._-]+/sk-**REDACTED**/g' \
-e "s/$${pw}/**REDACTED**/g"; \
}; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-langflow 2>&1 | redact > service-logs/langflow.log || echo "$(RED)Could not get Langflow logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-backend 2>&1 | redact > service-logs/backend.log || echo "$(RED)Could not get backend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-frontend 2>&1 | redact > service-logs/frontend.log || echo "$(RED)Could not get frontend logs$(NC)"; \
$(CONTAINER_RUNTIME) logs $(COMPOSE_PROJECT_NAME)-opensearch 2>&1 | redact > service-logs/opensearch.log || echo "$(RED)Could not get OpenSearch logs$(NC)"; \
if [ -f ~/.openrag/tui/docling-serve.log ]; then redact < ~/.openrag/tui/docling-serve.log > service-logs/docling.log 2>/dev/null || echo "$(RED)Could not get Docling logs$(NC)"; fi; \
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` around lines 1156 - 1160, The log collection step in the Makefile
is writing raw container output to service-logs without the same secret-masking
used by scripts/ci/run_integration_suite.sh. Update the log capture commands for
the langflow, backend, frontend, opensearch, and docling-serve paths to pass
their output through the existing redact/filter logic before saving, so Bearer
tokens, sk- keys, and OPENSEARCH_PASSWORD are masked consistently. Keep the
change localized to the log-collection target and reuse the same redaction
approach already used in the integration suite script.

@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 2, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
.github/workflows/test-ci.yml (2)

346-354: 🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

No redaction of raw container logs; also drops openrag-backend-proxy log capture.

Two concerns:

  1. docker logs output is written directly to service-logs/*.log with no secret redaction, mirroring an already-flagged unresolved issue in Makefile (Lines 1152-1156) where OPENSEARCH_PASSWORD and API keys could leak into uploaded failure artifacts.
  2. The openrag-backend-proxy container is still referenced during teardown (Line 384: docker rm -f openrag-backend-proxy), implying it's a real running service, but its logs are no longer captured on failure — losing diagnostic coverage for that component.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/test-ci.yml around lines 346 - 354, Failure log collection
is writing raw container output without redaction and is missing the
openrag-backend-proxy service. Update the test-ci workflow’s Collect service
logs on failure step to sanitize sensitive values before saving docker output to
service-logs/*.log, following the same secret-risk concerns noted elsewhere, and
add capture for openrag-backend-proxy alongside the existing openrag-opensearch,
openrag-backend, openrag-frontend, and openrag-langflow logs. Keep the fix
localized to the log-collection step so the teardown service names remain
consistent.

107-166: 🚀 Performance & Scalability | 🟡 Minor | ⚡ Quick win

Use separate Buildx cache directories per image

The PR branch exports opensearch, backend, frontend, and langflow into the same type=local cache destination, so each export replaces that directory’s index.json and only the last image’s cache stays importable on the next run. Split the cache by image to keep all four caches usable. The DockerHub branch only does one export, so it doesn’t have the same overwrite problem.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/test-ci.yml around lines 107 - 166, The Buildx cache
handling in the Build OpenRAG images step is overwriting shared local cache
state when building multiple images in the PR path. Update the build logic
around build_image so each image (opensearch, backend, frontend, langflow) uses
its own distinct type=local cache destination/source directory instead of
reusing /tmp/.buildx-cache and /tmp/.buildx-cache-new. Keep the DockerHub branch
unchanged, since it only exports one cache and doesn’t have the same collision
issue.
♻️ Duplicate comments (1)
Makefile (1)

1149-1157: 🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Unresolved: log collection still lacks secret redaction.

This is the same code flagged in a prior review round — the redact() step was never applied. $(CONTAINER_RUNTIME) logs output for langflow/backend/frontend/opensearch and the copied docling-serve.log are still written raw to service-logs/, while this same target curls OpenSearch with -u admin:$${OPENSEARCH_PASSWORD} elsewhere, risking credential leakage into uploaded CI artifacts.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Makefile` around lines 1149 - 1157, The test-failure log collection in the
Makefile still writes raw container and docling logs to service-logs/, so add
the missing redact() step before saving any logs. Update the same log-saving
block that runs after TEST_RESULT fails to pipe the output of each
$(CONTAINER_RUNTIME) logs call and the copied ~/.openrag/tui/docling-serve.log
through redact() (or an equivalent secret-filtering helper) before writing to
langflow.log, backend.log, frontend.log, opensearch.log, and docling.log. Keep
the existing log locations and filenames, but ensure all collected artifacts are
sanitized consistently.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In @.github/workflows/test-ci.yml:
- Around line 346-354: Failure log collection is writing raw container output
without redaction and is missing the openrag-backend-proxy service. Update the
test-ci workflow’s Collect service logs on failure step to sanitize sensitive
values before saving docker output to service-logs/*.log, following the same
secret-risk concerns noted elsewhere, and add capture for openrag-backend-proxy
alongside the existing openrag-opensearch, openrag-backend, openrag-frontend,
and openrag-langflow logs. Keep the fix localized to the log-collection step so
the teardown service names remain consistent.
- Around line 107-166: The Buildx cache handling in the Build OpenRAG images
step is overwriting shared local cache state when building multiple images in
the PR path. Update the build logic around build_image so each image
(opensearch, backend, frontend, langflow) uses its own distinct type=local cache
destination/source directory instead of reusing /tmp/.buildx-cache and
/tmp/.buildx-cache-new. Keep the DockerHub branch unchanged, since it only
exports one cache and doesn’t have the same collision issue.

---

Duplicate comments:
In `@Makefile`:
- Around line 1149-1157: The test-failure log collection in the Makefile still
writes raw container and docling logs to service-logs/, so add the missing
redact() step before saving any logs. Update the same log-saving block that runs
after TEST_RESULT fails to pipe the output of each $(CONTAINER_RUNTIME) logs
call and the copied ~/.openrag/tui/docling-serve.log through redact() (or an
equivalent secret-filtering helper) before writing to langflow.log, backend.log,
frontend.log, opensearch.log, and docling.log. Keep the existing log locations
and filenames, but ensure all collected artifacts are sanitized consistently.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 8e6bf9bd-4308-4636-894b-b711bcb1f6ca

📥 Commits

Reviewing files that changed from the base of the PR and between a1f8a45 and 3da9cf5.

📒 Files selected for processing (2)
  • .github/workflows/test-ci.yml
  • Makefile

@github-actions github-actions Bot added the bug 🔴 Something isn't working. label Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@lucaseduoli

Copy link
Copy Markdown
Collaborator Author

@coderabbitai review this

@coderabbitai

coderabbitai Bot commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

@lucaseduoli Sure, I'll review the changes now.

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

♻️ Duplicate comments (1)
src/tui/managers/docling_manager.py (1)

338-348: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Direct os.environ access still violates path instructions (duplicate of prior finding).

env = os.environ.copy() and the subsequent DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER check/set repeat the same pattern already flagged in a prior review for DOCLING_SERVE_SINGLE_USE_RESULTS. Per path instructions, config values must come from config/settings.py, the only place os.environ should be read.

♻️ Suggested approach
-            env = os.environ.copy()
-            if "DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER" not in env:
-                env["DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER"] = "X-Docling-Tenant-Id"
+            env = os.environ.copy()
+            if "DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER" not in env:
+                env["DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER"] = settings.DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER_DEFAULT

Move default resolution into config/settings.py and import the resolved value here instead.

As per path instructions, "Config values must come from config/settings.py (the only place os.environ is read); never access os.environ elsewhere in the codebase."

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/tui/managers/docling_manager.py` around lines 338 - 348, The subprocess
setup in docling_manager still reads and mutates os.environ directly for
DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER, which violates the config path rules.
Move the default resolution into config/settings.py alongside the other resolved
settings, then import and use that value in the docling_manager launch path
where subprocess.Popen is built instead of copying or checking os.environ here.

Source: Path instructions

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/test-ci.yml:
- Around line 146-206: The build_or_load_image helper in test-ci.yml can still
run docker save after a failed docker buildx build because it is invoked from an
if/&& chain and set -e won’t stop execution inside the function. Update
build_or_load_image so the save step only runs when the build/load step
succeeds, using the existing build_or_load_image flow and the cached image tag
handling to ensure a stale :cached image is never archived under a fresh cache
key.

In `@scripts/ci/get_image_hash.py`:
- Around line 38-42: The cache key in get_image_hash.py is ambiguous because
os.path.relpath(fp) and the file bytes are fed into hasher back-to-back without
a separator, so different path/content combinations can hash to the same digest.
Update the hashing logic in the file-processing loop to add an unambiguous
delimiter or length prefix between the relative path and each file’s contents,
using the existing hasher.update flow in get_image_hash.

---

Duplicate comments:
In `@src/tui/managers/docling_manager.py`:
- Around line 338-348: The subprocess setup in docling_manager still reads and
mutates os.environ directly for DOCLING_SERVE_ENG_RAY_TENANT_ID_HEADER, which
violates the config path rules. Move the default resolution into
config/settings.py alongside the other resolved settings, then import and use
that value in the docling_manager launch path where subprocess.Popen is built
instead of copying or checking os.environ here.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 2a935f75-74b6-4b2e-a310-28d641606a94

📥 Commits

Reviewing files that changed from the base of the PR and between 3da9cf5 and 0ed367a.

📒 Files selected for processing (3)
  • .github/workflows/test-ci.yml
  • scripts/ci/get_image_hash.py
  • src/tui/managers/docling_manager.py

Comment thread .github/workflows/test-ci.yml Outdated
Comment thread scripts/ci/get_image_hash.py
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@github-actions github-actions Bot added bug 🔴 Something isn't working. and removed bug 🔴 Something isn't working. labels Jul 3, 2026
@lucaseduoli lucaseduoli merged commit bdd873f into main Jul 3, 2026
26 of 28 checks passed
@github-actions github-actions Bot deleted the fix/upgrade_docling branch July 3, 2026 17:31
lucaseduoli added a commit that referenced this pull request Jul 7, 2026
…model option (#2031)

* fix: remediate image_scan CVEs in backend, frontend, and langflow images (#2000)

* fix light color text catergory chips in light mode (#2013)

Co-authored-by: Olfa Maslah <[email protected]>

* fix: upgraded version of docling (#1995)

* changed version of docling

* fix logs not being the correct ones

* go back to sequential building to save space

* add cache to builds

* remove single use results from docling manager

* revert single use results

* change the ray tenant id header

* added env

* changed cache to hit if no changes were made

* fix hash for cache

* style: ruff autofix (auto)

* fixed coderabbit

* style: ruff autofix (auto)

* added comment on docling manager

* style: ruff autofix (auto)

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* feat: add chunk level page source (#2015)

* Changed export docling document to append page number

* update result on frontend to append page number

* document how to get page number in readmes

* Update flows/components/export_docling_document.py

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* Update flows/components/export_docling_document.py

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fix: apply CodeRabbit auto-fixes

Fixed 1 file(s) based on 1 unresolved review comment.

Co-authored-by: CodeRabbit <[email protected]>

* update component code

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: CodeRabbit <[email protected]>

* fix: error in skip duplicates functionality for folder ingest for connectors (backport of #1941) (#2018)

* fix: error in skip duplicates functionality for folder ingest for connectors 75616(#1842) (#1941)

* fix: enhance duplicate handling and indexing for connector file uploads

* style: ruff autofix (auto)

* fix: improve duplicate handling in connector sync functionality

* chore: trigger CodeRabbit

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
(cherry picked from commit effaf02)

* style: ruff autofix (auto)

* fix: remove duplicate test definitions from main merge

The automated merge-from-main on this branch concatenated two tests
(test_connector_processor_indexes_cleaned_filename,
test_langflow_connector_processor_uses_cleaned_filename) that already
existed under both names, tripping ruff F811. Keep one copy of each,
preferring the version wired with connector_id_exists=True to match
current check_document_exists behavior.

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* fix: Ingestion of buckets not working right after connection is tested - CPD #75506 (#1942) (#2019)

* fix: update bucket ingestion messages for clarity and consistency

* fix: guard bucket pre-selection against connection ID mismatch

The defaults query returns the first S3/COS connection regardless of active
status. Only pre-select saved bucket_names when the defaults connection_id
matches the current connector.connectionId to avoid seeding the wrong
buckets if a stale connection exists alongside the active one.



* fix: prevent defaults from overwriting user bucket selections

Two issues in the initial-selection effect:
1. hasAppliedInitial was only set when valid buckets were found, leaving the
   effect live across bucket refreshes and allowing stale defaults to overwrite
   selections made after a refetch.
2. No guard against the async race where buckets loads before initialSelectedBuckets:
   user clicks buckets, defaults arrive later and silently overwrite them.

Fix: mark hasAppliedInitial unconditionally on first evaluation, and only apply
defaults when selectedBuckets is still empty (user hasn't acted yet).



---------


(cherry picked from commit f3823b8)

Co-authored-by: Claude Sonnet 4.6 <[email protected]>

* fix: handle orphan files and return appropriate responses when syncing connectors (#1785) (#2016)

* feat: handle orphan files and return appropriate responses when syncing connectors

* feat: refactor GoogleDriveOAuth to separate required scopes and add handling for missing optional group scopes in tests

* style: ruff autofix (auto)

* feat: add handling for skipped files and warnings in task processing and UI components

---------


(cherry picked from commit aca865a)

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* fix: enhance error handling for document processing and add OCR requirement check for image files (#1859) (#2017)

* fix: enhance error handling for document processing and add OCR requirement check for image files

* style: ruff autofix (auto)

* remove clickhouse connect from langflow image (#1801)

* chore: fix ci (#1889)

* Update processors.py

* test fix

* fix ci

---------




(cherry picked from commit a286581)

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Lucas Oliveira <[email protected]>
Co-authored-by: Edwin Jose <[email protected]>

* fix: bump golang.org/x/net to v0.55.0 to remediate CVE-2026-25680 and CVE-2026-39821 (#2014)

* feat: add new design for messages and add inline references (#2020)

* update opensearch multimodal and flows to support parser, chunk size and chunk overlap

* update backend to support citations and chunk metadata

* update frontend to support citations and metadata, implement new design for assistant message

* changed the prompt for the agent

* changed the prompt for the agent

* remove hallucinated chunk references

* adjust design of citations and where popover appears

* adjusted design for message, popover and cards

* fix React Doctor picks

* fix: apply CodeRabbit auto-fixes

Fixed 5 file(s) based on 4 unresolved review comments.

Co-authored-by: CodeRabbit <[email protected]>

* style: apply biome auto-fixes [skip ci]

* updated colors in ibm mode

* fixed react doctor picks

* added correct type and validation for function calls

* remove style for message when on onboarding

* fix message not being w full

* remove search query in end of the message

* change popup to use shadcn popover

* fix coderabbit's suggestion

* increase prompt limit

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: CodeRabbit <[email protected]>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

* apply new settings on retry (#2010)

* fix: preserve HTTPException status in update_docling_preset (#1586) (#2004)

* fix: report actual synced connection count in connector_sync (#1547) (#2006)

* fix: restore LLM model values in reapply_all_settings fallback (#1587) (#2008)

* fix: prevent partial matches for exact token searches (#2003)

* fix: prevent partial matches for exact token searches (#1937)

* style: ruff autofix (auto)

* chore: remove unused json import

---------

Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* fix: target agent component when updating chat flow system prompt (#2001)

* fix: target langflow agent component for system prompt update instead of provider LLM component

Signed-off-by: vchen7629 <[email protected]>

* fix: removed unused llm_provider arg from _update_langflow_system_prompt

Signed-off-by: vchen7629 <[email protected]>

* test: add unit tests for update_chat_flow_system_prompt

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

* fix(test): resolve flow path relative to repo root in test_langflow_agent_system_prompt

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

---------

Signed-off-by: vchen7629 <[email protected]>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* fix: replaced hardcoded docker.io prefix with a env variable prefix for private repo compatibility (#2002)

Signed-off-by: vchen7629 <[email protected]>

* fix: resolve Pydantic delta serialization warnings in agent streaming (#2005)

* fix: updated agent model dump to exclude delta field

Signed-off-by: vchen7629 <[email protected]>

* test: added regression unit test to verify response field + no warnings

* style: ruff autofix (auto)

* test: added additional unit test to verify that model_dump without exclusion raises the warning

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

* test: tighten delta warning assertion to match specific Pydantic error

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

---------

Signed-off-by: vchen7629 <[email protected]>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* fix: prevent exception details from leaking in API error responses (#2007)

* fix: removed str(e) in exceptions to prevent internals from leaking

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

* fix: added missing status_code

Signed-off-by: vchen7629 <[email protected]>

* style: ruff autofix (auto)

---------

Signed-off-by: vchen7629 <[email protected]>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>

* Changed docling options to include local support and be shown in the Langflow tab

* style: ruff autofix (auto)

* enable ollama and delete unused file

* fix next lint

---------

Signed-off-by: vchen7629 <[email protected]>
Co-authored-by: Gautham N Pai <[email protected]>
Co-authored-by: Wallgau <[email protected]>
Co-authored-by: Olfa Maslah <[email protected]>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: CodeRabbit <[email protected]>
Co-authored-by: Rico Furtado <[email protected]>
Co-authored-by: Claude Sonnet 4.6 <[email protected]>
Co-authored-by: Edwin Jose <[email protected]>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mike Fortman <[email protected]>
Co-authored-by: hunterxtang <[email protected]>
Co-authored-by: NishadA05 <[email protected]>
Co-authored-by: Zephyrus <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backend 🔷 Issues related to backend services (OpenSearch, Langflow, APIs) bug 🔴 Something isn't working. ci ⬛ CI/CD, build, and infrastructure issues lgtm

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants