From 881938dc8fbfff3d2b9c07295b0f81343244d944 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 16:08:45 +0300 Subject: [PATCH 01/16] feat: support `keyFile` option, requierd for replica set + auth fixes https://github.com/supercharge/mongodb-github-action/issues/66 --- action-types.yml | 2 ++ action.yml | 6 ++++ start-mongodb.sh | 75 +++++++++++++++++++++++++++++++++++++----------- 3 files changed, 66 insertions(+), 17 deletions(-) diff --git a/action-types.yml b/action-types.yml index b03fcf8..2432a52 100644 --- a/action-types.yml +++ b/action-types.yml @@ -6,6 +6,8 @@ inputs: type: string mongodb-replica-set: type: string + mongodb-key: + type: string mongodb-port: type: integer mongodb-db: diff --git a/action.yml b/action.yml index 2b237cb..4099f81 100644 --- a/action.yml +++ b/action.yml @@ -21,6 +21,11 @@ inputs: required: false default: '' + mongodb-key: + description: 'MongoDB key, required if replica set and auth are setup through username and password (no key set by default)' + required: false + default: '' + mongodb-port: description: 'MongoDB port to use (default 27017)' required: false @@ -58,3 +63,4 @@ runs: - ${{ inputs.mongodb-username }} - ${{ inputs.mongodb-password }} - ${{ inputs.mongodb-container-name }} + - ${{ inputs.mongodb-key }} diff --git a/start-mongodb.sh b/start-mongodb.sh index 50f3f9a..3d20842 100644 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -9,6 +9,7 @@ MONGODB_DB=$5 MONGODB_USERNAME=$6 MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 +MONGODB_KEY=$9 # `mongosh` is used starting from MongoDB 5.x MONGODB_CLIENT="mongosh --quiet" @@ -47,16 +48,8 @@ wait_for_mongodb () { TIMER=0 MONGODB_ARGS="" - - if [ -z "$MONGODB_REPLICA_SET" ] - then - if [ -z "$MONGODB_USERNAME" ] - then - MONGODB_ARGS="" - else - # no replica set, but username given: use them as args - MONGODB_ARGS="--username $MONGODB_USERNAME --password $MONGODB_PASSWORD" - fi + if [ -n "$MONGODB_USERNAME" ]; then + MONGODB_ARGS="--username $MONGODB_USERNAME --password $MONGODB_PASSWORD" fi # until ${WAIT_FOR_MONGODB_COMMAND} @@ -66,7 +59,7 @@ wait_for_mongodb () { sleep 1 TIMER=$((TIMER + 1)) - if [[ $TIMER -eq 20 ]]; then + if [ "$TIMER" -eq 20 ]; then echo "MongoDB did not initialize within 20 seconds. Exiting." exit 2 fi @@ -82,7 +75,7 @@ wait_for_mongodb () { # docker rm -f $MONGODB_CONTAINER_NAME # fi - +# If no replica set specified, run single node if [ -z "$MONGODB_REPLICA_SET" ]; then echo "::group::Starting single-node instance, no replica set" echo " - port [$MONGODB_PORT]" @@ -92,7 +85,12 @@ if [ -z "$MONGODB_REPLICA_SET" ]; then echo " - container-name [$MONGODB_CONTAINER_NAME]" echo "" - docker run --name $MONGODB_CONTAINER_NAME --publish $MONGODB_PORT:$MONGODB_PORT -e MONGO_INITDB_DATABASE=$MONGODB_DB -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD --detach $MONGODB_IMAGE:$MONGODB_VERSION --port $MONGODB_PORT + docker run --name $MONGODB_CONTAINER_NAME \ + --publish $MONGODB_PORT:$MONGODB_PORT \ + -e MONGO_INITDB_DATABASE=$MONGODB_DB \ + -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ + -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ + --detach $MONGODB_IMAGE:$MONGODB_VERSION --port $MONGODB_PORT if [ $? -ne 0 ]; then echo "Error starting MongoDB Docker container" @@ -101,31 +99,74 @@ if [ -z "$MONGODB_REPLICA_SET" ]; then echo "::endgroup::" wait_for_mongodb - exit 0 fi +# For replica set mode: +# If auth (username/password) is requested, ensure mongodb-key is provided +if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGODB_KEY" ]; then + echo "" + echo "The input [mongodb-key] is required when using [mongodb-username] or [mongodb-password] with a replica set." + echo "Generating random 'mongodb-key'." + echo "" + MONGODB_KEY=$(dd if=/dev/urandom bs=756 count=1 2>/dev/null | base64 | tr -d '\n') +fi + +# Prepare keyFile mount and args, if provided +KEYFILE_ARGS="" +VOLUME_ARGS="" +if [ -n "$MONGODB_KEY" ]; then + KEYFILE_PATH="/tmp/mongo-keyfile" + echo "$MONGODB_KEY" > "$KEYFILE_PATH" + chmod 400 "$KEYFILE_PATH" + VOLUME_ARGS="--volume $KEYFILE_PATH:/tmp/keyfile:ro" + KEYFILE_ARGS="--keyFile /tmp/keyfile" +fi echo "::group::Starting MongoDB as single-node replica set" echo " - port [$MONGODB_PORT]" echo " - version [$MONGODB_VERSION]" echo " - replica set [$MONGODB_REPLICA_SET]" +if [ -n "$MONGODB_KEY" ]; then + echo " - keyFile provided: yes" +else + echo " - keyFile provided: no" +fi echo "" +# Start mongod in replica set mode, with optional auth and keyFile +# MONGO_INITDB_* envs will create the root user on first startup -docker run --name $MONGODB_CONTAINER_NAME --publish $MONGODB_PORT:$MONGODB_PORT --detach $MONGODB_IMAGE:$MONGODB_VERSION --port $MONGODB_PORT --replSet $MONGODB_REPLICA_SET +docker run --name $MONGODB_CONTAINER_NAME \ + --publish $MONGODB_PORT:$MONGODB_PORT \ + $VOLUME_ARGS \ + -e MONGO_INITDB_DATABASE=$MONGODB_DB \ + -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ + -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ + --detach $MONGODB_IMAGE:$MONGODB_VERSION \ + --port $MONGODB_PORT \ + --replSet $MONGODB_REPLICA_SET \ + $KEYFILE_ARGS if [ $? -ne 0 ]; then echo "Error starting MongoDB Docker container" exit 2 fi + echo "::endgroup::" wait_for_mongodb +# After mongod is up, initiate the replica set +# Use auth if credentials were supplied +MONGODB_ARGS="" +if [ -n "$MONGODB_USERNAME" ]; then + MONGODB_ARGS="--username $MONGODB_USERNAME --password $MONGODB_PASSWORD" +fi + echo "::group::Initiating replica set [$MONGODB_REPLICA_SET]" -docker exec --tty $MONGODB_CONTAINER_NAME $MONGODB_CLIENT --port $MONGODB_PORT --eval " +docker exec --tty $MONGODB_CONTAINER_NAME $MONGODB_CLIENT --port $MONGODB_PORT $MONGODB_ARGS --eval " rs.initiate({ \"_id\": \"$MONGODB_REPLICA_SET\", \"members\": [ { @@ -140,5 +181,5 @@ echo "::endgroup::" echo "::group::Checking replica set status [$MONGODB_REPLICA_SET]" -docker exec --tty $MONGODB_CONTAINER_NAME $MONGODB_CLIENT --port $MONGODB_PORT --eval "rs.status()" +docker exec --tty $MONGODB_CONTAINER_NAME $MONGODB_CLIENT --port $MONGODB_PORT $MONGODB_ARGS --eval "rs.status()" echo "::endgroup::" From 4af87085a6cfc6767bd7500a8cdcc7e398cf1a74 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 16:48:33 +0300 Subject: [PATCH 02/16] fix: support `authSource` fixes https://github.com/supercharge/mongodb-github-action/issues/66 --- action-types.yml | 6 ++++-- action.yml | 16 +++++++++++----- start-mongodb.sh | 3 ++- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/action-types.yml b/action-types.yml index 2432a52..43fcd71 100644 --- a/action-types.yml +++ b/action-types.yml @@ -6,8 +6,6 @@ inputs: type: string mongodb-replica-set: type: string - mongodb-key: - type: string mongodb-port: type: integer mongodb-db: @@ -18,3 +16,7 @@ inputs: type: string mongodb-container-name: type: string + mongodb-key: + type: string + mongodb-authsource: + type: string diff --git a/action.yml b/action.yml index 4099f81..bbbcb26 100644 --- a/action.yml +++ b/action.yml @@ -21,11 +21,6 @@ inputs: required: false default: '' - mongodb-key: - description: 'MongoDB key, required if replica set and auth are setup through username and password (no key set by default)' - required: false - default: '' - mongodb-port: description: 'MongoDB port to use (default 27017)' required: false @@ -51,6 +46,16 @@ inputs: required: false default: 'mongodb' + mongodb-key: + description: 'MongoDB key, required if replica set and auth are setup through username and password (no key set by default)' + required: false + default: '' + + mongodb-authsource: + description: 'MongoDB authenticationDatabase a.k.a authSource to use (default: "admin" based on https://github.com/docker-library/mongo/blob/master/8.0/docker-entrypoint.sh#L372C4-L372C20)' + required: false + default: 'admin' + runs: using: 'docker' image: 'Dockerfile' @@ -64,3 +69,4 @@ runs: - ${{ inputs.mongodb-password }} - ${{ inputs.mongodb-container-name }} - ${{ inputs.mongodb-key }} + - ${{ inputs.mongodb-authsource }} diff --git a/start-mongodb.sh b/start-mongodb.sh index 3d20842..eb82615 100644 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -10,6 +10,7 @@ MONGODB_USERNAME=$6 MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 +MONGODB_AUTHSOURCE=$10 # `mongosh` is used starting from MongoDB 5.x MONGODB_CLIENT="mongosh --quiet" @@ -49,7 +50,7 @@ wait_for_mongodb () { MONGODB_ARGS="" if [ -n "$MONGODB_USERNAME" ]; then - MONGODB_ARGS="--username $MONGODB_USERNAME --password $MONGODB_PASSWORD" + MONGODB_ARGS="--username $MONGODB_USERNAME --password $MONGODB_PASSWORD --authenticationDatabase $MONGODB_AUTHSOURCE" fi # until ${WAIT_FOR_MONGODB_COMMAND} From 181c471941e3a7ac32b551a7e568423fdd667d53 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 16:58:50 +0300 Subject: [PATCH 03/16] fix: add auth source to test --- test/single-instance/single-instance.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/single-instance/single-instance.js b/test/single-instance/single-instance.js index 430c66c..2b47ab3 100644 --- a/test/single-instance/single-instance.js +++ b/test/single-instance/single-instance.js @@ -4,14 +4,14 @@ const { test } = require('uvu') const { expect } = require('expect') const Mongoose = require('mongoose') -const { MONGODB_USERNAME, MONGODB_PASSWORD, MONGODB_DB } = process.env +const { MONGODB_USERNAME, MONGODB_PASSWORD, MONGODB_DB, MONGODB_AUTHSOURCE } = process.env test('connects to MongoDB', async () => { const connection = await Mongoose.createConnection('mongodb://localhost', { user: MONGODB_USERNAME, pass: MONGODB_PASSWORD, dbName: MONGODB_DB, - authSource: MONGODB_USERNAME && MONGODB_PASSWORD ? 'admin' : undefined + authSource: MONGODB_USERNAME && MONGODB_PASSWORD ? MONGODB_AUTHSOURCE : undefined }) await connection.close() From 64852f5f37790a0f9bb54dc1abd7766bc07729a4 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 18:15:44 +0300 Subject: [PATCH 04/16] fix: make it work --- start-mongodb.sh | 28 ++++++++++++---------------- 1 file changed, 12 insertions(+), 16 deletions(-) mode change 100644 => 100755 start-mongodb.sh diff --git a/start-mongodb.sh b/start-mongodb.sh old mode 100644 new mode 100755 index eb82615..8f1553e --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -10,7 +10,7 @@ MONGODB_USERNAME=$6 MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 -MONGODB_AUTHSOURCE=$10 +MONGODB_AUTHSOURCE=${10} # `mongosh` is used starting from MongoDB 5.x MONGODB_CLIENT="mongosh --quiet" @@ -113,17 +113,6 @@ if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGO MONGODB_KEY=$(dd if=/dev/urandom bs=756 count=1 2>/dev/null | base64 | tr -d '\n') fi -# Prepare keyFile mount and args, if provided -KEYFILE_ARGS="" -VOLUME_ARGS="" -if [ -n "$MONGODB_KEY" ]; then - KEYFILE_PATH="/tmp/mongo-keyfile" - echo "$MONGODB_KEY" > "$KEYFILE_PATH" - chmod 400 "$KEYFILE_PATH" - VOLUME_ARGS="--volume $KEYFILE_PATH:/tmp/keyfile:ro" - KEYFILE_ARGS="--keyFile /tmp/keyfile" -fi - echo "::group::Starting MongoDB as single-node replica set" echo " - port [$MONGODB_PORT]" echo " - version [$MONGODB_VERSION]" @@ -144,10 +133,17 @@ docker run --name $MONGODB_CONTAINER_NAME \ -e MONGO_INITDB_DATABASE=$MONGODB_DB \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ - --detach $MONGODB_IMAGE:$MONGODB_VERSION \ - --port $MONGODB_PORT \ - --replSet $MONGODB_REPLICA_SET \ - $KEYFILE_ARGS + -e MONGO_PORT=$MONGODB_PORT \ + -e MONGO_REPLICA_SET=$MONGODB_REPLICA_SET \ + -e MONGO_KEY=$MONGODB_KEY \ + -e MONGO_KEY_FILE=/tmp/mongo-keyfile \ + --detach \ + --entrypoint bash \ + $MONGODB_IMAGE:$MONGODB_VERSION \ + -c '\ + echo "$MONGO_KEY" > "$MONGO_KEY_FILE" && chmod 400 "$MONGO_KEY_FILE" && chown mongodb:mongodb "$MONGO_KEY_FILE" && \ + exec docker-entrypoint.sh mongod --port "$MONGO_PORT" --replSet "$MONGO_REPLICA_SET" --keyFile "$MONGO_KEY_FILE" \ + ' if [ $? -ne 0 ]; then echo "Error starting MongoDB Docker container" From 1d78eae0600755e6a7b717b1f5ee732d476f778f Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 18:24:34 +0300 Subject: [PATCH 05/16] chore: remove excessive logging --- start-mongodb.sh | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index 8f1553e..9829f11 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -104,13 +104,9 @@ if [ -z "$MONGODB_REPLICA_SET" ]; then fi # For replica set mode: -# If auth (username/password) is requested, ensure mongodb-key is provided +# If auth (username/password) is requested, ensure mongodb-key is provided, otherwise generate random if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGODB_KEY" ]; then - echo "" - echo "The input [mongodb-key] is required when using [mongodb-username] or [mongodb-password] with a replica set." - echo "Generating random 'mongodb-key'." - echo "" - MONGODB_KEY=$(dd if=/dev/urandom bs=756 count=1 2>/dev/null | base64 | tr -d '\n') + MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') fi echo "::group::Starting MongoDB as single-node replica set" From b1791daf0d3f39f4129f384becf5dc8301a95d7d Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Thu, 11 Sep 2025 18:27:55 +0300 Subject: [PATCH 06/16] chore: better logging --- start-mongodb.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index 9829f11..c8f280c 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -103,12 +103,6 @@ if [ -z "$MONGODB_REPLICA_SET" ]; then exit 0 fi -# For replica set mode: -# If auth (username/password) is requested, ensure mongodb-key is provided, otherwise generate random -if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGODB_KEY" ]; then - MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') -fi - echo "::group::Starting MongoDB as single-node replica set" echo " - port [$MONGODB_PORT]" echo " - version [$MONGODB_VERSION]" @@ -116,10 +110,17 @@ echo " - replica set [$MONGODB_REPLICA_SET]" if [ -n "$MONGODB_KEY" ]; then echo " - keyFile provided: yes" else - echo " - keyFile provided: no" + echo " - keyFile provided: no (random)" fi echo "" +# For replica set mode: +# If auth (username/password) is requested, ensure mongodb-key is provided, otherwise generate random +if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGODB_KEY" ]; then + MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') +fi + + # Start mongod in replica set mode, with optional auth and keyFile # MONGO_INITDB_* envs will create the root user on first startup From 8c7bc391ec3b6e0665b4268ae93b3b3f560184b2 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Fri, 12 Sep 2025 11:50:58 +0300 Subject: [PATCH 07/16] feat: cleanup the container post action --- Dockerfile | 3 ++- action.yml | 12 ++++++++++++ stop-mongodb.sh | 29 +++++++++++++++++++++++++++++ 3 files changed, 43 insertions(+), 1 deletion(-) create mode 100755 stop-mongodb.sh diff --git a/Dockerfile b/Dockerfile index 6ec69d1..fc0910e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,5 @@ FROM docker:stable COPY start-mongodb.sh /start-mongodb.sh -RUN chmod +x /start-mongodb.sh +COPY stop-mongodb.sh /stop-mongodb.sh +RUN chmod +x /start-mongodb.sh /stop-mongodb.sh ENTRYPOINT ["/start-mongodb.sh"] diff --git a/action.yml b/action.yml index bbbcb26..141f2f3 100644 --- a/action.yml +++ b/action.yml @@ -70,3 +70,15 @@ runs: - ${{ inputs.mongodb-container-name }} - ${{ inputs.mongodb-key }} - ${{ inputs.mongodb-authsource }} + post-entrypoint: /stop-mongodb.sh + post-args: + - ${{ inputs.mongodb-image }} + - ${{ inputs.mongodb-version }} + - ${{ inputs.mongodb-replica-set }} + - ${{ inputs.mongodb-port }} + - ${{ inputs.mongodb-db }} + - ${{ inputs.mongodb-username }} + - ${{ inputs.mongodb-password }} + - ${{ inputs.mongodb-container-name }} + - ${{ inputs.mongodb-key }} + - ${{ inputs.mongodb-authsource }} diff --git a/stop-mongodb.sh b/stop-mongodb.sh new file mode 100755 index 0000000..f1760ad --- /dev/null +++ b/stop-mongodb.sh @@ -0,0 +1,29 @@ +#!/bin/sh + +# Keep argument positions aligned with action.yml "args" so we can reuse them in post-args +MONGODB_IMAGE=$1 +MONGODB_VERSION=$2 +MONGODB_REPLICA_SET=$3 +MONGODB_PORT=$4 +MONGODB_DB=$5 +MONGODB_USERNAME=$6 +MONGODB_PASSWORD=$7 +MONGODB_CONTAINER_NAME=$8 +MONGODB_KEY=$9 +MONGODB_AUTHSOURCE=${10} + +# Best-effort cleanup, do not fail the job if cleanup fails +set +e + +echo "::group::Cleaning up MongoDB container [$MONGODB_CONTAINER_NAME]" + +if docker ps -a --format '{{.Names}}' | grep -Eq "^${MONGODB_CONTAINER_NAME}$"; then + docker rm -f "$MONGODB_CONTAINER_NAME" >/dev/null 2>&1 || true + echo "Removed container $MONGODB_CONTAINER_NAME" +else + echo "Container $MONGODB_CONTAINER_NAME not found; nothing to clean." +fi + +echo "::endgroup::" + +exit 0 From 15745e3a9333a4a4374e42b3bc162afcc9739732 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Sun, 14 Sep 2025 23:52:28 +0300 Subject: [PATCH 08/16] fix: proper args support --- start-mongodb.sh | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index c8f280c..0390901 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -ex + # Map input values from the GitHub Actions workflow to shell variables MONGODB_IMAGE=$1 MONGODB_VERSION=$2 @@ -120,6 +122,17 @@ if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGO MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') fi +MONGODB_CMD_ARGS="--port \"$MONGODB_PORT\"" + +if [ -n "$MONGO_REPLICA_SET" ]; then + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --replSet \"$MONGO_REPLICA_SET\"" +fi + +if [ -n "$MONGODB_KEY" ]; then + # NOTE: The MONGO_KEY_FILE must be interpolated later + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --keyFile \"\$MONGO_KEY_FILE\"" +fi + # Start mongod in replica set mode, with optional auth and keyFile # MONGO_INITDB_* envs will create the root user on first startup @@ -130,8 +143,6 @@ docker run --name $MONGODB_CONTAINER_NAME \ -e MONGO_INITDB_DATABASE=$MONGODB_DB \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ - -e MONGO_PORT=$MONGODB_PORT \ - -e MONGO_REPLICA_SET=$MONGODB_REPLICA_SET \ -e MONGO_KEY=$MONGODB_KEY \ -e MONGO_KEY_FILE=/tmp/mongo-keyfile \ --detach \ @@ -139,7 +150,7 @@ docker run --name $MONGODB_CONTAINER_NAME \ $MONGODB_IMAGE:$MONGODB_VERSION \ -c '\ echo "$MONGO_KEY" > "$MONGO_KEY_FILE" && chmod 400 "$MONGO_KEY_FILE" && chown mongodb:mongodb "$MONGO_KEY_FILE" && \ - exec docker-entrypoint.sh mongod --port "$MONGO_PORT" --replSet "$MONGO_REPLICA_SET" --keyFile "$MONGO_KEY_FILE" \ + exec docker-entrypoint.sh mongod '$MONGODB_CMD_ARGS' \ ' if [ $? -ne 0 ]; then From 64d89f3d128af92366ffb222e9366422eaa56b5d Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Sun, 14 Sep 2025 23:53:15 +0300 Subject: [PATCH 09/16] fix: remove post-args as invalid --- action.yml | 11 ----------- start-mongodb.sh | 2 -- 2 files changed, 13 deletions(-) diff --git a/action.yml b/action.yml index 141f2f3..96450d1 100644 --- a/action.yml +++ b/action.yml @@ -71,14 +71,3 @@ runs: - ${{ inputs.mongodb-key }} - ${{ inputs.mongodb-authsource }} post-entrypoint: /stop-mongodb.sh - post-args: - - ${{ inputs.mongodb-image }} - - ${{ inputs.mongodb-version }} - - ${{ inputs.mongodb-replica-set }} - - ${{ inputs.mongodb-port }} - - ${{ inputs.mongodb-db }} - - ${{ inputs.mongodb-username }} - - ${{ inputs.mongodb-password }} - - ${{ inputs.mongodb-container-name }} - - ${{ inputs.mongodb-key }} - - ${{ inputs.mongodb-authsource }} diff --git a/start-mongodb.sh b/start-mongodb.sh index 0390901..589ec19 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -1,7 +1,5 @@ #!/bin/sh -set -ex - # Map input values from the GitHub Actions workflow to shell variables MONGODB_IMAGE=$1 MONGODB_VERSION=$2 From 800685579c94b0c5bc563e06dbc367428bfa541e Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 00:01:18 +0300 Subject: [PATCH 10/16] fix: vars --- start-mongodb.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index 589ec19..4158c08 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -120,15 +120,16 @@ if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGO MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') fi -MONGODB_CMD_ARGS="--port \"$MONGODB_PORT\"" +MONGO_KEY_FILE=/tmp/mongo-keyfile + +MONGODB_CMD_ARGS="--port '$MONGODB_PORT'" if [ -n "$MONGO_REPLICA_SET" ]; then - MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --replSet \"$MONGO_REPLICA_SET\"" + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --replSet '$MONGO_REPLICA_SET'" fi if [ -n "$MONGODB_KEY" ]; then - # NOTE: The MONGO_KEY_FILE must be interpolated later - MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --keyFile \"\$MONGO_KEY_FILE\"" + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --keyFile '$MONGO_KEY_FILE'" fi @@ -142,7 +143,7 @@ docker run --name $MONGODB_CONTAINER_NAME \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ -e MONGO_KEY=$MONGODB_KEY \ - -e MONGO_KEY_FILE=/tmp/mongo-keyfile \ + -e MONGO_KEY_FILE=$MONGO_KEY_FILE \ --detach \ --entrypoint bash \ $MONGODB_IMAGE:$MONGODB_VERSION \ From 7a52156a95adcf90cfc865a5e3d001ab99db5d52 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 00:22:06 +0300 Subject: [PATCH 11/16] fix: proper cmd --- start-mongodb.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index 4158c08..4c4c9e2 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -120,16 +120,15 @@ if { [ -n "$MONGODB_USERNAME" ] || [ -n "$MONGODB_PASSWORD" ]; } && [ -z "$MONGO MONGODB_KEY=$(dd if=/dev/urandom bs=256 count=1 2>/dev/null | base64 | tr -d '\n') fi -MONGO_KEY_FILE=/tmp/mongo-keyfile +MONGODB_CMD_ARGS="--port \"$MONGODB_PORT\"" -MONGODB_CMD_ARGS="--port '$MONGODB_PORT'" - -if [ -n "$MONGO_REPLICA_SET" ]; then - MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --replSet '$MONGO_REPLICA_SET'" +if [ -n "$MONGODB_REPLICA_SET" ]; then + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --replSet \"$MONGODB_REPLICA_SET\"" fi if [ -n "$MONGODB_KEY" ]; then - MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --keyFile '$MONGO_KEY_FILE'" + # NOTE: MONGO_KEY_FILE is interpolated internally + MONGODB_CMD_ARGS="$MONGODB_CMD_ARGS --keyFile \"\$MONGO_KEY_FILE\"" fi @@ -143,13 +142,13 @@ docker run --name $MONGODB_CONTAINER_NAME \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ -e MONGO_KEY=$MONGODB_KEY \ - -e MONGO_KEY_FILE=$MONGO_KEY_FILE \ + -e MONGO_KEY_FILE=/tmp/mongo-keyfile \ --detach \ --entrypoint bash \ $MONGODB_IMAGE:$MONGODB_VERSION \ -c '\ echo "$MONGO_KEY" > "$MONGO_KEY_FILE" && chmod 400 "$MONGO_KEY_FILE" && chown mongodb:mongodb "$MONGO_KEY_FILE" && \ - exec docker-entrypoint.sh mongod '$MONGODB_CMD_ARGS' \ + exec docker-entrypoint.sh mongod '"$MONGODB_CMD_ARGS"' \ ' if [ $? -ne 0 ]; then From d2570575198ed2af7ef24348d45c2a00fb9587b8 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 05:35:14 +0300 Subject: [PATCH 12/16] feat: support network and network-alias --- action.yml | 12 ++++++++++++ start-mongodb.sh | 17 +++++++++++++++++ stop-mongodb.sh | 2 ++ 3 files changed, 31 insertions(+) diff --git a/action.yml b/action.yml index 96450d1..0b4a34f 100644 --- a/action.yml +++ b/action.yml @@ -56,6 +56,16 @@ inputs: required: false default: 'admin' + docker-network: + description: 'Docker network to attach the MongoDB container to. If not provided, will try to use the default GitHub Actions network if available (github_network_).' + required: false + default: '' + + docker-network-alias: + description: 'Network alias for the MongoDB container when attaching to a Docker network. If not provided, will use mongodb-container-name input' + required: false + default: '' + runs: using: 'docker' image: 'Dockerfile' @@ -70,4 +80,6 @@ runs: - ${{ inputs.mongodb-container-name }} - ${{ inputs.mongodb-key }} - ${{ inputs.mongodb-authsource }} + - ${{ inputs.docker-network }} + - ${{ inputs.docker-network-alias }} post-entrypoint: /stop-mongodb.sh diff --git a/start-mongodb.sh b/start-mongodb.sh index 4c4c9e2..fb63d5a 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -11,6 +11,21 @@ MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 MONGODB_AUTHSOURCE=${10} +DOCKER_NETWORK=${11} +DOCKER_NETWORK_ALIAS=${12:-$MONGODB_CONTAINER_NAME} + +# If DOCKER_NETWORK not provided, try to detect the default GitHub Actions network +if [ -z "$DOCKER_NETWORK" ]; then + if docker network ls --format '{{.Name}}' | grep -q '^github_network$'; then + DOCKER_NETWORK=github_network + fi +fi + +# Build network args if a network is set +NETWORK_ARGS="" +if [ -n "$DOCKER_NETWORK" ]; then + NETWORK_ARGS="--network $DOCKER_NETWORK --network-alias $DOCKER_NETWORK_ALIAS" +fi # `mongosh` is used starting from MongoDB 5.x MONGODB_CLIENT="mongosh --quiet" @@ -87,6 +102,7 @@ if [ -z "$MONGODB_REPLICA_SET" ]; then echo "" docker run --name $MONGODB_CONTAINER_NAME \ + $NETWORK_ARGS \ --publish $MONGODB_PORT:$MONGODB_PORT \ -e MONGO_INITDB_DATABASE=$MONGODB_DB \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ @@ -136,6 +152,7 @@ fi # MONGO_INITDB_* envs will create the root user on first startup docker run --name $MONGODB_CONTAINER_NAME \ + $NETWORK_ARGS \ --publish $MONGODB_PORT:$MONGODB_PORT \ $VOLUME_ARGS \ -e MONGO_INITDB_DATABASE=$MONGODB_DB \ diff --git a/stop-mongodb.sh b/stop-mongodb.sh index f1760ad..a55b631 100755 --- a/stop-mongodb.sh +++ b/stop-mongodb.sh @@ -11,6 +11,8 @@ MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 MONGODB_AUTHSOURCE=${10} +DOCKER_NETWORK=${11} +DOCKER_NETWORK_ALIAS=${12} # Best-effort cleanup, do not fail the job if cleanup fails set +e From fa5f6bd7cb82842a041b5c94151b4485799e00fe Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 05:48:05 +0300 Subject: [PATCH 13/16] feat: log selected network and network-alias --- start-mongodb.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/start-mongodb.sh b/start-mongodb.sh index fb63d5a..6bedf92 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -27,6 +27,17 @@ if [ -n "$DOCKER_NETWORK" ]; then NETWORK_ARGS="--network $DOCKER_NETWORK --network-alias $DOCKER_NETWORK_ALIAS" fi +# Echo selected network info for visibility +echo "::group::Selecting Docker network" +if [ -n "$DOCKER_NETWORK" ]; then + echo " - Docker network: [$DOCKER_NETWORK]" + echo " - Network alias: [$DOCKER_NETWORK_ALIAS]" +else + echo " - No Docker network provided; container will use default Docker network." +fi +echo "" +echo "::endgroup::" + # `mongosh` is used starting from MongoDB 5.x MONGODB_CLIENT="mongosh --quiet" From 70102c7cb9207e89281e1733953f2bd89fbde99a Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 05:57:05 +0300 Subject: [PATCH 14/16] feat: proper support network and network-alias --- start-mongodb.sh | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index 6bedf92..a53373a 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -16,9 +16,7 @@ DOCKER_NETWORK_ALIAS=${12:-$MONGODB_CONTAINER_NAME} # If DOCKER_NETWORK not provided, try to detect the default GitHub Actions network if [ -z "$DOCKER_NETWORK" ]; then - if docker network ls --format '{{.Name}}' | grep -q '^github_network$'; then - DOCKER_NETWORK=github_network - fi + DOCKER_NETWORK=$(docker network ls --no-trunc --format '{{.Name}}' | grep '^github_network') fi # Build network args if a network is set From ad5ad1f38156198bebde15bfcb81b9f8852534be Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 06:20:15 +0300 Subject: [PATCH 15/16] fix: remove unused VOLUME_ARGS --- start-mongodb.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/start-mongodb.sh b/start-mongodb.sh index a53373a..205ba25 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -163,7 +163,6 @@ fi docker run --name $MONGODB_CONTAINER_NAME \ $NETWORK_ARGS \ --publish $MONGODB_PORT:$MONGODB_PORT \ - $VOLUME_ARGS \ -e MONGO_INITDB_DATABASE=$MONGODB_DB \ -e MONGO_INITDB_ROOT_USERNAME=$MONGODB_USERNAME \ -e MONGO_INITDB_ROOT_PASSWORD=$MONGODB_PASSWORD \ From f1fa9b86d82ee7bb948da412defd9fe83f02b637 Mon Sep 17 00:00:00 2001 From: Radoslav Kirilov Date: Mon, 15 Sep 2025 06:46:40 +0300 Subject: [PATCH 16/16] feat: `mongodb-replica-set-host` input --- action-types.yml | 6 ++++++ action.yml | 10 ++++++++-- start-mongodb.sh | 7 ++++--- stop-mongodb.sh | 5 +++-- 4 files changed, 21 insertions(+), 7 deletions(-) diff --git a/action-types.yml b/action-types.yml index 43fcd71..e567ea3 100644 --- a/action-types.yml +++ b/action-types.yml @@ -20,3 +20,9 @@ inputs: type: string mongodb-authsource: type: string + mongodb-replica-set-host: + type: string + docker-network: + type: string + docker-network-alias: + type: string diff --git a/action.yml b/action.yml index 0b4a34f..bd0b05f 100644 --- a/action.yml +++ b/action.yml @@ -12,7 +12,7 @@ inputs: default: 'mongo' mongodb-version: - description: 'MongoDB version to use (default "latest")' + description: 'MongoDB version to use (default: "latest")' required: false default: 'latest' @@ -22,7 +22,7 @@ inputs: default: '' mongodb-port: - description: 'MongoDB port to use (default 27017)' + description: 'MongoDB port to use (default: 27017)' required: false default: 27017 @@ -56,6 +56,11 @@ inputs: required: false default: 'admin' + mongodb-replica-set-host: + description: 'MongoDB replica set host, must be accessible from both internal container and external usage (default: "localhost")' + required: false + default: 'localhost' + docker-network: description: 'Docker network to attach the MongoDB container to. If not provided, will try to use the default GitHub Actions network if available (github_network_).' required: false @@ -80,6 +85,7 @@ runs: - ${{ inputs.mongodb-container-name }} - ${{ inputs.mongodb-key }} - ${{ inputs.mongodb-authsource }} + - ${{ inputs.mongodb-replica-set-host }} - ${{ inputs.docker-network }} - ${{ inputs.docker-network-alias }} post-entrypoint: /stop-mongodb.sh diff --git a/start-mongodb.sh b/start-mongodb.sh index 205ba25..b34b56b 100755 --- a/start-mongodb.sh +++ b/start-mongodb.sh @@ -11,8 +11,9 @@ MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 MONGODB_AUTHSOURCE=${10} -DOCKER_NETWORK=${11} -DOCKER_NETWORK_ALIAS=${12:-$MONGODB_CONTAINER_NAME} +MONGODB_REPLICA_SET_HOST=${11:-"localhost"} +DOCKER_NETWORK=${12} +DOCKER_NETWORK_ALIAS=${13:-$MONGODB_CONTAINER_NAME} # If DOCKER_NETWORK not provided, try to detect the default GitHub Actions network if [ -z "$DOCKER_NETWORK" ]; then @@ -199,7 +200,7 @@ docker exec --tty $MONGODB_CONTAINER_NAME $MONGODB_CLIENT --port $MONGODB_PORT $ \"_id\": \"$MONGODB_REPLICA_SET\", \"members\": [ { \"_id\": 0, - \"host\": \"localhost:$MONGODB_PORT\" + \"host\": \"$MONGODB_REPLICA_SET_HOST:$MONGODB_PORT\" } ] }) " diff --git a/stop-mongodb.sh b/stop-mongodb.sh index a55b631..ea2cf5d 100755 --- a/stop-mongodb.sh +++ b/stop-mongodb.sh @@ -11,8 +11,9 @@ MONGODB_PASSWORD=$7 MONGODB_CONTAINER_NAME=$8 MONGODB_KEY=$9 MONGODB_AUTHSOURCE=${10} -DOCKER_NETWORK=${11} -DOCKER_NETWORK_ALIAS=${12} +MONGODB_REPLICA_SET_HOST=${11:-"localhost"} +DOCKER_NETWORK=${12} +DOCKER_NETWORK_ALIAS=${13:-$MONGODB_CONTAINER_NAME} # Best-effort cleanup, do not fail the job if cleanup fails set +e