LCORE-1859: Fix llama-stack startup as non-root user #1859

Open
CodeHex083 wants to merge 2 commits into lightspeed-core:main from CodeHex083:lcore-fix-llama-stack-nonroot-rag-readonly
@CodeHex083 CodeHex083 commented Jun 6, 2026

Fixes #124

Seed RAG kvstore is now delivered read-only and copied into the writable storage volume at startup, so the non-root container user (UID 1001) can write the registry kvstore it shares. Fixes the 'attempt to write a readonly database' crash. Covers both server and library compose modes.

Summary by CodeRabbit

  • Chores

    • Improved containerized deployment for RAG data initialization and faster iteration without rebuilds
    • Adjusted volume mounting strategy for development and test environments
  • Bug Fixes

    • Prevented metadata-generation failures from aborting or replacing already-streamed responses
  • Tests

    • Added unit test ensuring stream continues despite topic-summary failures

coderabbitai Bot commented Jun 6, 2026

Contributor

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: aa186f1f-ec7b-4fb9-8c1b-eafb58404125

📥 Commits

Reviewing files that changed from the base of the PR and between eb567cf and bf72940.

📒 Files selected for processing (2)
  • src/app/endpoints/streaming_query.py
  • tests/unit/app/endpoints/test_streaming_query.py
📜 Recent review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: E2E: library mode / ci / group 1
  • GitHub Check: E2E: library mode / ci / group 3
  • GitHub Check: E2E: library mode / ci / group 2
  • GitHub Check: E2E: server mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 1
  • GitHub Check: E2E: server mode / ci / group 2
  • GitHub Check: E2E Tests for Lightspeed Evaluation job
🧰 Additional context used
📓 Path-based instructions (3)
tests/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

tests/**/*.py: Use pytest for all unit and integration tests; do not use unittest
Use pytest.mark.asyncio marker for async tests

Files:

  • tests/unit/app/endpoints/test_streaming_query.py
src/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

src/**/*.py: Use absolute imports for internal modules: from authentication import get_auth_dependency
Llama Stack imports: Use from llama_stack_client import AsyncLlamaStackClient
Check constants.py for shared constants before defining new ones
All modules must start with descriptive docstrings explaining purpose
Use logger = get_logger(__name__) from log.py for module logging
All functions must have complete type annotations for parameters and return types, use modern syntax (str | int), and include descriptive docstrings
Use snake_case with descriptive, action-oriented names for functions (get_, validate_, check_)
Avoid in-place parameter modification anti-patterns; return new data structures instead of modifying function parameters
Use async def for I/O operations and external API calls
Use standard log levels with clear purposes: debug() for diagnostic info, info() for program execution, warning() for unexpected events, error() for serious problems
All classes must have descriptive docstrings explaining purpose and use PascalCase with standard suffixes: Configuration, Error/Exception, Resolver, Interface
Abstract classes must use ABC with @abstractmethod decorators
Follow Google Python docstring conventions with required sections: Parameters, Returns, Raises, and Attributes for classes

Files:

  • src/app/endpoints/streaming_query.py
src/app/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

src/app/**/*.py: FastAPI dependencies: Import from fastapi module for APIRouter, HTTPException, Request, status, Depends
Use FastAPI HTTPException with appropriate status codes for API endpoints and handle APIConnectionError from Llama Stack

Files:

  • src/app/endpoints/streaming_query.py
🧠 Learnings (1)
📚 Learning: 2026-04-06T20:18:07.852Z
Learnt from: major
Repo: lightspeed-core/lightspeed-stack PR: 1463
File: src/app/endpoints/rlsapi_v1.py:266-271
Timestamp: 2026-04-06T20:18:07.852Z
Learning: In the lightspeed-stack codebase, within `src/app/endpoints/` inference/MCP endpoints, treat `tools: Optional[list[Any]]` in MCP tool definitions as an intentional, consistent typing pattern (used across `query`, `responses`, `streaming_query`, `rlsapi_v1`). Do not raise or suggest this as a typing issue during code review; changing it in isolation could break endpoint typing consistency across the codebase.

Applied to files:

  • src/app/endpoints/streaming_query.py
🔇 Additional comments (2)
src/app/endpoints/streaming_query.py (1)

647-663: LGTM!

tests/unit/app/endpoints/test_streaming_query.py (1)

1219-1285: LGTM!


Walkthrough

Mount RAG seeds read-only and add entrypoint copy-on-start seeding for lightspeed-stack and llama-stack. Protect post-stream topic-summary generation with a try/except to log failures without aborting an already-started SSE response; add a unit test ensuring the stream completes and results are stored with topic_summary=None on failure.

Changes

RAG Seed Mounting and Entrypoint Seeding

Layer / File(s) Summary
Docker Compose RAG Seed Mount Configuration
docker-compose-library.yaml, docker-compose.yaml
Both lightspeed-stack and llama-stack now mount ./tests/e2e/rag into a read-only /opt/app-root/rag-seed instead of directly into writable storage; lightspeed-stack also mounts the entrypoint script into the container for live updates.
Entrypoint Scripts: RAG Seeding Logic and Application Startup
scripts/lightspeed-stack-entrypoint.sh, scripts/llama-stack-entrypoint.sh
Entrypoint scripts check for the seed directory, create storage dirs as needed, copy *.db seed files into writable storage, then start the application. lightspeed-stack-entrypoint.sh explicitly invokes the venv python3.12 and forwards CLI args.

Post-stream Topic Summary Error Containment

Layer / File(s) Summary
Stream endpoint: contain topic-summary failures and test
src/app/endpoints/streaming_query.py, tests/unit/app/endpoints/test_streaming_query.py
Wrap get_topic_summary(...) in a broad try/except that logs errors and leaves topic_summary unset instead of aborting an already-started SSE response. Adds a test verifying the stream completes, store_query_results runs, and topic_summary=None is recorded when summary generation fails.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Suggested reviewers

  • anik120
  • radofuchs
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: fixing llama-stack startup as a non-root user by implementing RAG kvstore seeding with proper volume handling.
Linked Issues check ✅ Passed The PR fully addresses issue #124 by implementing RAG kvstore seeding at startup, allowing the non-root container user to write to the kvstore, and covering both server and library compose modes.
Out of Scope Changes check ✅ Passed All changes are in-scope and directly address the non-root user startup issue: Docker Compose configs for RAG seeding, entrypoint scripts for seed copying, and streaming response error handling to prevent stream disruption.
Docstring Coverage ✅ Passed Docstring coverage is 80.00% which is sufficient. The required threshold is 80.00%.


@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 4

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@docker-compose-library.yaml`:
- Around line 26-28: The SELinux mount label casing is inconsistent between the
two volume entries ("./tests/e2e/rag:/opt/app-root/rag-seed:ro,Z" vs
"./scripts/lightspeed-stack-entrypoint.sh:/app-root/lightspeed-stack-entrypoint.sh:ro,z");
pick one casing and make both mounts consistent (either change the RAG seed
mount to use :ro,z or the entrypoint script to :ro,Z) unless the differing
semantics (private vs shared) are intentional—update the line containing
"./tests/e2e/rag:/opt/app-root/rag-seed:ro,Z" or the line containing
"./scripts/lightspeed-stack-entrypoint.sh:/app-root/lightspeed-stack-entrypoint.sh:ro,z"
accordingly.

In `@scripts/lightspeed-stack-entrypoint.sh`:
- Around line 16-20: When $RAG_SEED_DIR exists, check whether any .db files
actually exist before running cp to avoid the cryptic "cannot stat" error; test
the glob (e.g. set -- "$RAG_SEED_DIR"/*.db and verify [ -e "$1" ] or loop to
detect files) and if none are found, emit a clear error/warning mentioning
RAG_SEED_DIR and skip or exit instead of running cp into STORAGE_RAG_DIR; update
the block referencing RAG_SEED_DIR and STORAGE_RAG_DIR and the cp invocation
accordingly.

In `@scripts/llama-stack-entrypoint.sh`:
- Around line 18-24: The RAG seeding block in scripts/llama-stack-entrypoint.sh
is duplicated in scripts/lightspeed-stack-entrypoint.sh; extract that logic into
a shared function (e.g., seed_rag_kvstore) in a new script (e.g.,
scripts/seed-rag-kvstore.sh) and then source and call seed_rag_kvstore from both
entrypoint scripts to remove duplication; ensure the function uses the same
environment variables (RAG_SEED_DIR, STORAGE_RAG_DIR), checks that the seed
directory exists and contains .db files before copying, emits the same echo
messages, and returns non-zero on fatal errors so both llama-stack-entrypoint.sh
and lightspeed-stack-entrypoint.sh simply call seed_rag_kvstore to perform the
seeding.
- Around line 20-24: The seed-copy block that checks RAG_SEED_DIR and runs cp
may fail with a cryptic error when there are no *.db files; update the shell
snippet that uses RAG_SEED_DIR and STORAGE_RAG_DIR to validate that at least one
.db file exists before running cp, e.g., test the glob (for f in
"$RAG_SEED_DIR"/*.db; do [ -e "$f" ] && break; done) and if no files found print
a clear error/warning and skip or exit, otherwise proceed to mkdir -p
"$STORAGE_RAG_DIR" and cp the files; ensure the message mentions the missing .db
files and uses the same variable names (RAG_SEED_DIR, STORAGE_RAG_DIR) so it’s
easy to locate.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 9e16fb92-3b33-4064-8f0d-df37304d1c14

📥 Commits

Reviewing files that changed from the base of the PR and between 014a5ba and eb567cf.

📒 Files selected for processing (4)
  • docker-compose-library.yaml
  • docker-compose.yaml
  • scripts/lightspeed-stack-entrypoint.sh
  • scripts/llama-stack-entrypoint.sh
📜 Review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
  • GitHub Check: E2E: library mode / ci / group 2
  • GitHub Check: E2E: library mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 2
  • GitHub Check: E2E: library mode / ci / group 1
  • GitHub Check: E2E: server mode / ci / group 1
  • GitHub Check: E2E: server mode / ci / group 3
  • GitHub Check: E2E Tests for Lightspeed Evaluation job
🧰 Additional context used
🧠 Learnings (4)
📚 Learning: 2026-05-20T08:09:36.724Z
Learnt from: max-svistunov
Repo: lightspeed-core/lightspeed-stack PR: 1580
File: src/client.py:104-108
Timestamp: 2026-05-20T08:09:36.724Z
Learning: In the lightspeed-stack repo, the synthesized `run.yaml` file handling in `src/client.py` (`_synthesize_library_config`) uses a fixed `/tmp` path intentionally in the PoC (PR `#1580`). The durable production requirements are tracked in spec doc R10 (docs/design/llama-stack-config-merge/llama-stack-config-merge.md): persistent known path overwritten each boot, file mode 0600 set via explicit create flag (not umask), and a `--synthesized-config-output` CLI flag for debugging. The PoC code is scheduled for removal pre-merge; the implementation JIRA "Unified llama_stack.config schema + synthesizer" inherits R10's requirements.

Applied to files:

  • docker-compose-library.yaml
  • docker-compose.yaml
  • scripts/llama-stack-entrypoint.sh
📚 Learning: 2025-08-18T10:56:55.349Z
Learnt from: matysek
Repo: lightspeed-core/lightspeed-stack PR: 292
File: pyproject.toml:0-0
Timestamp: 2025-08-18T10:56:55.349Z
Learning: The lightspeed-stack project intentionally uses a "generic image" approach, bundling many dependencies directly in the base runtime image to work for everyone, rather than using lean base images with optional dependency groups.

Applied to files:

  • docker-compose-library.yaml
📚 Learning: 2026-05-20T08:09:30.641Z
Learnt from: max-svistunov
Repo: lightspeed-core/lightspeed-stack PR: 1580
File: docs/design/llama-stack-config-merge/poc-results/library-mode/synthesized-run.yaml:107-110
Timestamp: 2026-05-20T08:09:30.641Z
Learning: In Llama-stack config YAMLs, when defining a Llama Guard safety shield entry, set `provider_shield_id` to the *guard model identifier* (e.g., `meta-llama/Llama-Guard-3-8B`). Do not use a chat/generative model id (e.g., `openai/gpt-4o-mini`): a chat-model id (or `native_override`) indicates only an override landed and does **not** mean the safety shield is actually gating queries. Ensure any E2E coverage for the related implementation (JIRA/E2E tests) exercises a real Llama Guard model to verify that the shield is effective.

Applied to files:

  • docker-compose-library.yaml
  • docker-compose.yaml
📚 Learning: 2026-05-12T15:14:34.788Z
Learnt from: syedriko
Repo: lightspeed-core/lightspeed-stack PR: 1727
File: scripts/konflux_requirements.sh:9-15
Timestamp: 2026-05-12T15:14:34.788Z
Learning: In this repo, the `.konflux/` directory is committed/tracked and is guaranteed to exist in a fresh clone. Therefore, shell scripts that write output under `.konflux/` (e.g., create files like `.konflux/<...>`) should not waste effort by calling `mkdir -p .konflux` first. Only add directory-creation logic if the script may run in an environment/repo state where `.konflux/` might not be present.

Applied to files:

  • scripts/lightspeed-stack-entrypoint.sh
  • scripts/llama-stack-entrypoint.sh
🔇 Additional comments (3)
docker-compose.yaml (1)

22-25: LGTM!

scripts/lightspeed-stack-entrypoint.sh (1)

22-25: LGTM!

docker-compose-library.yaml (1)

23-26: RAG storage permissions for UID 1001 are already set in the image

deploy/lightspeed-stack/Containerfile creates /opt/app-root/src/.llama/storage and chown -R 1001:1001 /opt/app-root/src/.llama, and the image sets USER 1001; this makes /opt/app-root/src/.llama/storage/rag writable in filesystem-backed library mode.

Comment on lines +26 to +28
- ./tests/e2e/rag:/opt/app-root/rag-seed:ro,Z
# Host copy so `docker compose up` picks up script changes without rebuilding
- ./scripts/lightspeed-stack-entrypoint.sh:/app-root/lightspeed-stack-entrypoint.sh:ro,z
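
Review bot: `:ro,Z` on the `./tests/e2e/rag` mount applies a private, unshared SELinux label, while `:ro,z` on the entrypoint script mount applies a shared one, so the difference is semantic rather than a matter of casing. If more than one container mounts `./tests/e2e/rag`, the last one to start relabels the directory and the others can lose access to it; use `z` on any mount that several services share, and add a comment saying which behaviour is intended.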


🧹 Nitpick | 🔵 Trivial | 💤 Low value

Inconsistent SELinux label casing between mounts.

The RAG seed mount uses :ro,Z (private label) while the entrypoint script mount uses :ro,z (shared label). For consistency and clarity, consider using the same casing unless the different labeling is intentional.

Comment on lines +16 to +20
if [ -d "$RAG_SEED_DIR" ]; then
echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
mkdir -p "$STORAGE_RAG_DIR"
cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
fi


🧹 Nitpick | 🔵 Trivial | ⚡ Quick win

Improve error handling for missing seed files.

If $RAG_SEED_DIR exists but contains no *.db files, the glob pattern will fail to expand and cp will exit with a cryptic error (cp: cannot stat '.../*.db': No such file or directory). Consider adding explicit validation to provide a clearer error message.

🛡️ Proposed fix to add validation
 if [ -d "$RAG_SEED_DIR" ]; then
     echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
     mkdir -p "$STORAGE_RAG_DIR"
+    if ! compgen -G "$RAG_SEED_DIR/*.db" > /dev/null; then
+        echo "ERROR: No .db files found in $RAG_SEED_DIR"
+        exit 1
+    fi
     cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
 fi
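
Review bot: `compgen -G` in the added `if` line is a bash builtin, so the check only works when the entrypoint runs under bash, and the interpreter line is not visible in this hunk. A POSIX test such as `set -- "$RAG_SEED_DIR"/*.db; [ -e "$1" ]` removes that dependency. The `echo "ERROR: ..."` line should also be redirected to stderr with `>&2` so the failure is not mixed into normal startup output.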

Comment on lines +18 to +24
RAG_SEED_DIR="${RAG_SEED_DIR:-/opt/app-root/rag-seed}"
STORAGE_RAG_DIR="${STORAGE_RAG_DIR:-/opt/app-root/src/.llama/storage/rag}"
if [ -d "$RAG_SEED_DIR" ]; then
echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
mkdir -p "$STORAGE_RAG_DIR"
cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
fi
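
Review bot: `cp -f` on the last line of the block runs on every container start, so any kvstore state already written under `$STORAGE_RAG_DIR` is replaced by the seed each time. If the storage volume is meant to keep registry writes across restarts, copy only when the destination file is absent; otherwise add a comment stating that the seed always wins. The copy also inherits the seed file's mode bits, so a seed that is not owner-writable on the host would produce a copy the non-root user still cannot write.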


🧹 Nitpick | 🔵 Trivial | ⚡ Quick win

Consider extracting duplicated seeding logic.

The RAG seeding block (lines 18-24) is identical to the logic in scripts/lightspeed-stack-entrypoint.sh (lines 14-20). Consider extracting this into a shared function or sourced script to reduce duplication and ensure consistency.

♻️ Example: Extract to a shared function

Create a shared script (e.g., scripts/seed-rag-kvstore.sh):

#!/bin/bash
# Shared function to seed RAG kvstore

seed_rag_kvstore() {
    local RAG_SEED_DIR="${RAG_SEED_DIR:-/opt/app-root/rag-seed}"
    local STORAGE_RAG_DIR="${STORAGE_RAG_DIR:-/opt/app-root/src/.llama/storage/rag}"
    
    if [ -d "$RAG_SEED_DIR" ]; then
        echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
        mkdir -p "$STORAGE_RAG_DIR"
        if ! compgen -G "$RAG_SEED_DIR/*.db" > /dev/null; then
            echo "ERROR: No .db files found in $RAG_SEED_DIR"
            exit 1
        fi
        cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
    fi
}

Then source and call it in both entrypoint scripts:

source /app-root/seed-rag-kvstore.sh
seed_rag_kvstore

Comment on lines +20 to +24
if [ -d "$RAG_SEED_DIR" ]; then
echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
mkdir -p "$STORAGE_RAG_DIR"
cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
fi


🧹 Nitpick | 🔵 Trivial | ⚡ Quick win

Improve error handling for missing seed files.

If $RAG_SEED_DIR exists but contains no *.db files, the glob pattern will fail to expand and cp will exit with a cryptic error. Consider adding explicit validation for a clearer error message (same issue as in lightspeed-stack-entrypoint.sh).

🛡️ Proposed fix to add validation
 if [ -d "$RAG_SEED_DIR" ]; then
     echo "Seeding RAG kvstore from $RAG_SEED_DIR into $STORAGE_RAG_DIR..."
     mkdir -p "$STORAGE_RAG_DIR"
+    if ! compgen -G "$RAG_SEED_DIR/*.db" > /dev/null; then
+        echo "ERROR: No .db files found in $RAG_SEED_DIR"
+        exit 1
+    fi
     cp -f "$RAG_SEED_DIR"/*.db "$STORAGE_RAG_DIR"/
 fi
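
Review bot: the added check sits after `mkdir -p "$STORAGE_RAG_DIR"`, so an empty seed directory still creates the storage directory before the script exits; move the check above `mkdir -p`. The block also skips silently when the seed directory is missing but treats an empty one as fatal with `exit 1`; a short comment explaining that asymmetry would make the intent clear.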

@CodeHex083 CodeHex083 changed the title from "Fix: Fix llama-stack startup as non-root user" to "LCORE-1859: Fix llama-stack startup as non-root user" Jun 6, 2026
@tisnik tisnik requested a review from anik120 June 9, 2026 20:17
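
A POSIX sh version of the seeding step discussed in the review comments above, written as an added example; it is not code from this PR or from the project. `RAG_SEED_DIR`, `STORAGE_RAG_DIR` and their defaults are taken from the PR, while the return-code contract and the `chmod u+w` step are assumptions of this example.

```sh
#!/bin/sh
# Added example, not the PR's code. Seeds the writable kvstore directory from
# a read-only seed mount without relying on bash-only builtins.
#
# Return codes (an assumption of this example):
#   0  seeds copied, or no seed directory is mounted
#   1  seed directory exists but holds no *.db files
#   2  creating the storage directory, copying or chmod failed
seed_rag_kvstore() {
    seed_dir="${RAG_SEED_DIR:-/opt/app-root/rag-seed}"
    storage_dir="${STORAGE_RAG_DIR:-/opt/app-root/src/.llama/storage/rag}"

    # No seed mount: start with whatever the storage volume already holds.
    [ -d "$seed_dir" ] || return 0

    # POSIX glob test: an unmatched pattern stays literal, so -e fails on it.
    found=0
    for f in "$seed_dir"/*.db; do
        if [ -e "$f" ]; then
            found=1
            break
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "ERROR: no .db files found in $seed_dir" >&2
        return 1
    fi

    # Create the storage directory only once there is something to copy.
    mkdir -p "$storage_dir" || return 2
    for f in "$seed_dir"/*.db; do
        dest="$storage_dir/$(basename "$f")"
        cp -f "$f" "$dest" || return 2
        # cp gives a new file the source's mode bits; a seed that is not
        # owner-writable would yield a copy the non-root user cannot write.
        chmod u+w "$dest" || return 2
    done
    return 0
}

# In an entrypoint script the call would look like this:
#   seed_rag_kvstore || exit $?
#   exec "$@"
```

Returning a status instead of calling `exit` inside the function lets each entrypoint decide whether a missing seed is fatal.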
Successfully merging this pull request may close these issues.

[BUG] llama-stack does not start with non-root user
