Ensure correct host for Smocker Docker Container on `bridge` network
What does this MR do and why?
This MR ensures that we always return correct host for smocker docker container when running on bridge
network
While working on multiple compliance MR I've observed QA job failure:
However, this test is green on master, and I observed this test failing even on 100% unrelated changes
After digging through debug log of the job, it boils down to following log part (truncated for clarity):
[Dec 19 2023 01:23:46 UTC (QA Tests)] INFO -- Executing: `docker network inspect test`
[Dec 19 2023 01:23:46 UTC (QA Tests)] DEBUG -- Command output:
[]
Error response from daemon: network test not found
[Dec 19 2023 01:23:46 UTC (QA Tests)] INFO -- Executing: `docker run -d --rm --network bridge --hostname smocker-server.bridge --name smocker-server --publish 8080:8080 --publish 8081:8081 thiht/smocker:0.17.1 `
81bc709e63340f53bd7178f96c871e4a32f73f7e52cba5efe7c2975db6bac12d
[Dec 19 2023 01:23:48 UTC (QA Tests)] DEBUG -- Checking Smocker readiness
[Dec 19 2023 01:23:48 UTC (QA Tests)] DEBUG -- Smocker not ready yet
Failed to open TCP connection to smocker-server.bridge:8081 (getaddrinfo: Name or service not known)
What happens here? We're checking if test
docker network exists, and it seems it does not exists when running tests in QA (it exists when running QA suite on master
though, that's why the pipeline is green)
So --network
flag defaults to bridge
. However bridge
network is not the same as others - it does not include custom NDS resolving, so attempting to reach smocker-server.bridge:8081
fails, since we need to access exposed ports on host itself, not by container DNS name
How to set up and validate locally
I've verified this originally using:
CI_PROJECT_NAME=local CI=1 QA_LOG_LEVEL=DEBUG bundle exec rspec qa/specs/features/ee/browser_ui/10_govern/group/group_audit_event_streaming_spec.rb
(CI=1
is the key, CI_PROJECT_NAME
is simply needed so it does not blows up)
Without CI=1
it will take different code path