因此,我正试图复制一个流,用于设置我的docker堆栈,我在Github操作中本地运行良好,以便在尽可能接近生产/现实世界的场景下执行一些测试。
然而,我在GitHub操作工作流中遇到了以下问题,导致失败:
psycopg2.OperationalError: could not translate host name "db" to address: Temporary failure in name resolution
从本质上讲,在本地网络方面有效的东西在Github操作中不起作用。唯一看起来不同的可能是我在Github操作中使用的docker版本。
这是我的workflow/ci.yml文件:
name: perseus/ci
on:
pull_request:
branches:
- main
paths-ignore:
- '__pycache__'
- '.pytest_cache'
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
build:
name: CI/CD Build & Test w/pytest
strategy:
matrix:
os: [ ubuntu-latest ]
runs-on: ${{ matrix.os }}
env:
PROJECT_NAME: "Perseus FastAPI"
FIRST_SUPERUSER_EMAIL: ${{ secrets.FIRST_SUPERUSER_EMAIL }}
FIRST_SUPERUSER_PASSWORD: ${{ secrets.FIRST_SUPERUSER_PASSWORD }}
POSTGRES_USER: "postgres"
POSTGRES_PASSWORD: "postgres"
POSTGRES_SERVER: "db"
POSTGRES_PORT: "5432"
POSTGRES_DB: "postgres"
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
SERVER_NAME: "perseus"
SERVER_HOST: "https://perseus.observerly.com"
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Setup Environment File
run: |
touch .env
echo PROJECT_NAME=${PROJECT_NAME} > .env
echo FIRST_SUPERUSER_EMAIL=${FIRST_SUPERUSER_EMAIL} > .env
echo FIRST_SUPERUSER_PASSWORD=${FIRST_SUPERUSER_PASSWORD} > .env
echo POSTGRES_USER=${POSTGRES_USER} > .env
echo POSTGRES_PASSWORD=${POSTGRES_PASSWORD} > .env
echo POSTGRES_SERVER=${POSTGRES_SERVER} > .env
echo POSTGRES_PORT=${POSTGRES_PORT} > .env
echo POSTGRES_DB=${POSTGRES_DB} > .env
echo SENTRY_DSN=${SENTRY_DSN} > .env
echo SERVER_NAME=${SERVER_NAME} > .env
echo SERVER_HOST=${SERVER_HOST} > .env
cat .env
- name: Docker Compose Build
run: docker compose -f local.yml build --build-arg INSTALL_DEV="true"
- name: Docker Compose Up
run: docker compose -f local.yml up -d
- name: Alembic Upgrade Head (Run Migrations)
run: docker compose -f local.yml exec api alembic upgrade head
- name: Seed Body (Stars, Galaxies etc) Data
run: docker compose -f local.yml exec api ./scripts/init_db_seed.sh
从本质上讲,所有步骤都在进行,直到api服务需要通过网络(例如db:5432(与db服务通话
我的local.yml文件如下:
version: '3.8'
services:
traefik:
image: traefik:latest
container_name: traefik_proxy
restart: always
security_opt:
- no-new-privileges:true
command:
## API Settings - https://docs.traefik.io/operations/api/, endpoints - https://docs.traefik.io/operations/api/#endpoints ##
- --api.insecure=true # <== Enabling insecure api, NOT RECOMMENDED FOR PRODUCTION
- --api.dashboard=true # <== Enabling the dashboard to view services, middlewares, routers, etc...
- --api.debug=true # <== Enabling additional endpoints for debugging and profiling
## Log Settings (options: ERROR, DEBUG, PANIC, FATAL, WARN, INFO) - https://docs.traefik.io/observability/logs/ ##
- --log.level=ERROR # <== Setting the level of the logs from traefik
## Provider Settings - https://docs.traefik.io/providers/docker/#provider-configuration ##
labels:
# Enable traefik on itself to view dashboard and assign subdomain to view it
- traefik.enable=false
# Setting the domain for the dashboard
- traefik.http.routers.api.rule=Host("traefik.docker.localhost")
# Enabling the api to be a service to access
- traefik.http.routers.api.service=api@internal
ports:
# HTTP
- 80:80
# HTTPS / SSL port
- 443:443
volumes:
# Volume for docker admin
- /var/run/docker.sock:/var/run/docker.sock:ro
# Map the static configuration into the container
- ./traefik/traefik.yml:/etc/traefik/traefik.yml:ro
# Map the configuration into the container
- ./traefik/config.yml:/etc/traefik/config.yml:ro
# Map the certificats into the container
- ./certs:/etc/certs:ro
networks:
- web
api:
build: .
command: uvicorn app.main:app --host 0.0.0.0 --port 5000 --reload --workers 1 --ssl-keyfile "./certs/local-key.pem" --ssl-certfile "./certs/local-cert.pem" --ssl-cert-reqs 1
container_name: perseus_api
restart: always
ports:
- 8001:5000
volumes:
- .:/app
depends_on:
- db
links:
- db:db
env_file:
- .env
labels:
# The following labels define the behavior and rules of the traefik proxy for this container
# For more information, see: https://docs.traefik.io/providers/docker/#exposedbydefault
# Enable this container to be mapped by traefik:
- traefik.enable=true
# URL to reach this container:
- traefik.http.routers.web.rule=Host("perseus.docker.localhost")
# URL to reach this container for secure traffic:
- traefik.http.routers.websecured.rule=Host("perseus.docker.localhost")
# Defining entrypoint for https:
- traefik.http.routers.websecured.entrypoints=websecured
networks:
- web
- api
db:
image: postgres:14-alpine
container_name: postgres
volumes:
- postgres_data:/var/lib/postgresql/data/
- ./scripts/init_pgtrgm_extension.sql:/docker-entrypoint-initdb.d/init_pgtrgm_extension.sql
ports:
- 5432:5432
env_file:
- .env
networks:
- api
volumes:
postgres_data:
networks:
web:
name: web
api:
name: api
driver: bridge
有什么网络技巧或GitHub操作技巧可以帮助我克服这个看似很小的障碍吗?
我已经对这个问题做了尽可能多的研究,但我似乎看不出解决方案是什么。。。
Github操作应该允许docker compose网络正常工作。我遇到了这个错误,问题最终是我的测试应用程序没有完全等待我的数据库准备好。depends_on通常是不够的。您需要添加一个运行状况检查,然后配置depends_on以等待相关服务正常运行:
向依赖服务添加健康检查:
postgres:
image: postgres:15-alpine
environment:
POSTGRES_DB: mydb
POSTGRES_PASSWORD: postgres
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]
interval: 5s
timeout: 5s
retries: 5
等待相关服务正常运行:
app:
image: myapp/tester
build:
context: ../..
dockerfile: ./ci/docker/tester.Dockerfile
command: /usr/bin/python -mpytest myapp/tests/test_postgres.py
depends_on:
postgres:
condition: service_healthy
environment:
POSTGRES_HOST: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: mydb