Fix for tests/coderabit.

install/production-filesystem/entrypoint.d/35-writable-config.sh

@@ -43,7 +43,7 @@ EOF
         >&2 printf "%s" "${YELLOW}"
         >&2 cat <<EOF
 ══════════════════════════════════════════════════════════════════════════════
-⚠️  ATTENTION: Read permission denied.
+⚠️  ATTENTION: Path is not a regular file.
 
     The path "${path}" is not a regular file (current type: $(stat -c %F "$path" 2>/dev/null || echo unknown)).
     This prevents NetAlertX from reading the configuration and indicates a

install/production-filesystem/entrypoint.d/99-ports-available.sh

@@ -64,7 +64,7 @@ if echo "$LISTENING_PORTS" | grep -q ":${PORT_GQL}$"; then
 ══════════════════════════════════════════════════════════════════════════════
 ⚠️  Port Warning: GraphQL API port ${PORT_GQL} is already in use.
 
-    The GraphQL API (defined by $APP_CONF_OVERRIDE or $GRAPHQL_PORT)
+    The GraphQL API (defined by \$APP_CONF_OVERRIDE or \$GRAPHQL_PORT)
     may fail to start.
 
     https://github.com/jokob-sk/NetAlertX/blob/main/docs/docker-troubleshooting/port-conflicts.md

install/production-filesystem/entrypoint.sh

@@ -121,6 +121,7 @@ fi
 # Set APP_CONF_OVERRIDE based on GRAPHQL_PORT if not already set
 if [ -n "${GRAPHQL_PORT:-}" ] && [ -z "${APP_CONF_OVERRIDE:-}" ]; then
     export APP_CONF_OVERRIDE='{"GRAPHQL_PORT":"'"${GRAPHQL_PORT}"'"}'
+    >&2 echo "APP_CONF_OVERRIDE detected (set from GRAPHQL_PORT)"
 fi
 
 

test/docker_tests/test_container_environment.py

@@ -970,20 +970,26 @@ def test_mandatory_folders_creation(tmp_path: pathlib.Path) -> None:
 
 
 def test_writable_config_validation(tmp_path: pathlib.Path) -> None:
-    """Test writable config validation - simulates read-only config file.
+    """Test writable config validation - simulates invalid config file type.
 
-    3. Writable Config Validation: Simulates config file with read-only permissions.
+    3. Writable Config Validation: Simulates app.conf being a non-regular file (directory).
     Container verifies it can read from and write to critical config and database files.
-    Expected: "Read permission denied" warning for config file.
+    Expected: "Path is not a regular file" warning for config file.
 
-    Check script: 30-writable-config.sh
-    Sample message: "Read permission denied"
+    Check script: 35-writable-config.sh
+    Sample message: "Path is not a regular file"
     """
     paths = _setup_mount_tree(tmp_path, "writable_config")
-    # Make config file unreadable/unwritable to the container user to force the check
-    config_file = paths["app_config"] / "app.conf"
-    _chown_root(config_file)
-    config_file.chmod(0o000)
+    # Force a non-regular file for /data/config/app.conf to exercise the correct warning branch.
+    config_path = paths["app_config"] / "app.conf"
+    if config_path.exists():
+        if config_path.is_dir():
+            shutil.rmtree(config_path)
+        else:
+            config_path.unlink()
+    config_path.mkdir(parents=False)
+    config_path.chmod(0o777)
+    _chown_netalertx(config_path)
 
     # Ensure directories are writable and owned by netalertx user so container gets past mounts.py
     for key in [
@@ -1001,7 +1007,7 @@ def test_writable_config_validation(tmp_path: pathlib.Path) -> None:
     result = _run_container(
         "writable-config", volumes, user="20211:20211", sleep_seconds=5.0
     )
-    _assert_contains(result, "Read permission denied", result.args)
+    _assert_contains(result, "ATTENTION: Path is not a regular file.", result.args)
 
 
 def test_mount_analysis_ram_disk_performance(tmp_path: pathlib.Path) -> None: