fix: mongo check

[HardMax71]

Summary by cubic

Updated MongoDB healthcheck in docker-compose to use an unauthenticated ping. This avoids failures when credentials aren’t ready and keeps the service healthy during startup.

^{Written for commit 5da3036. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Simplified the MongoDB service healthcheck configuration in the Docker setup to improve maintainability.

[coderabbitai]

📝 Walkthrough

Walkthrough

The MongoDB service healthcheck in docker-compose.yaml was simplified by removing authentication parameters (--username, --password, --authenticationDatabase) from the mongosh ping command. The healthcheck now executes a basic database ping without explicit credentials.

Changes

Cohort / File(s)	Summary
MongoDB Healthcheck Configuration docker-compose.yaml	Removed authentication credentials (--username, --password, --authenticationDatabase admin) from the mongo service healthcheck test command. The mongosh command now executes eval 'db.adminCommand("ping")' without explicit credentials.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• fix: use container-internal env vars in mongo healthcheck #259: Also modifies MongoDB healthcheck in docker-compose.yaml, replacing shell-based ping with mongosh authentication approach using container environment variables.

Poem

🐰 A healthcheck so simple, so clean,
No passwords in sight to be seen,
The mongo now pings with delight,
Without all the auth overhead weight,
One less secret the container must keep! 🔓

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'fix: mongo check' is vague and doesn't clearly describe what was fixed in the mongo health check or why the change was necessary.	Consider using a more descriptive title such as 'fix: simplify mongo health check by removing auth credentials' to clarify the specific change.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/deploy-creds-v2

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[Copilot]

Pull request overview

This PR simplifies the MongoDB healthcheck in docker-compose.yaml by removing the authentication flags (--username, --password, --authenticationDatabase) from the mongosh command used in the healthcheck.test field. Since db.adminCommand("ping") in MongoDB does not require authentication, the simplified command is functionally equivalent for health-checking purposes.

Changes:

• Removed authentication credentials from the MongoDB healthcheck command in docker-compose.yaml, relying on the fact that db.adminCommand("ping") works without authentication in MongoDB.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[cubic-dev-ai]

No issues found across 1 file

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docker-compose.yaml`:
- Line 63: The healthcheck command (the test line invoking mongosh --quiet
--host 127.0.0.1 --port 27017 --eval 'db.adminCommand("ping")') fails because
MongoDB is running with access control; update the healthcheck to run via
CMD-SHELL and include authentication options: add --username and --password
referencing the environment variables (MONGO_INITDB_ROOT_USERNAME and
MONGO_INITDB_ROOT_PASSWORD) and set --authenticationDatabase=admin so the ping
runs authenticated; ensure the wrapper uses CMD-SHELL to allow environment
variable expansion and return a zero exit code on success.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 833bcf9 and 5da3036.

📒 Files selected for processing (1)

• docker-compose.yaml

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

# First, examine the docker-compose.yaml file to understand the MongoDB setup
cat -n docker-compose.yaml | head -110

Repository: HardMax71/Integr8sCode

Length of output: 3904

---

🌐 Web query:

MongoDB 8.0 mongosh healthcheck with authentication credentials MONGO_INITDB_ROOT_USERNAME

💡 Result:

Use mongosh with --username/--password and --authenticationDatabase admin (the official mongo image creates the MONGO_INITDB_ROOT_USERNAME user in the admin auth DB). [1] In a Compose healthcheck, use CMD-SHELL and $$VAR so the variables are expanded inside the container:

services:
  mongo:
    image: mongo:8.0
    environment:
      MONGO_INITDB_ROOT_USERNAME: root
      MONGO_INITDB_ROOT_PASSWORD: example
    healthcheck:
      test:
        [
          "CMD-SHELL",
          "mongosh --quiet --host localhost --port 27017 \
            -u $$MONGO_INITDB_ROOT_USERNAME -p $$MONGO_INITDB_ROOT_PASSWORD \
            --authenticationDatabase admin \
            --eval \"db.runCommand({ ping: 1 }).ok\" | grep -q 1"
        ]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 30s

Notes:

• --eval and --quiet are standard mongosh options. [2]
• MONGO_INITDB_ROOT_* only take effect on first init (empty data dir); if you reuse a volume with existing data, the root user may not be created/changed. [1]

Sources:
[1] Docker Hub – official mongo image (MONGO_INITDB_ROOT_USERNAME/PASSWORD, created in admin, mongosh ... --authenticationDatabase admin)
[2] MongoDB Docs – mongosh options (--username, --password, --authenticationDatabase, --eval, --quiet)

---

🌐 Web query:

does db.adminCommand ping require authentication MongoDB access control enabled

💡 Result:

Yes. When MongoDB access control is enabled (security.authorization: enabled / --auth), clients must authenticate to run commands, and are then limited to actions allowed by their roles [1]. Since db.adminCommand({ ping: 1 }) is just the ping database command [2], running it unauthenticated will fail with an authentication/unauthorized error; once authenticated, it typically doesn’t require any special additional privileges beyond being logged in [1], [2].

Sources
[1] MongoDB Docs — Enable Access Control on Self-Managed Deployments (mongodb.com)
[2] MongoDB Docs — ping (database command) (mongodb.com)

Citations:

• 1: https://www.mongodb.com/docs/manual/tutorial/enable-authentication/?utm_source=openai
• 2: https://www.mongodb.com/docs/v8.0/reference/command/ping/?utm_source=openai

---

🌐 Web query:

mongosh exit code authentication failure command line credentials

💡 Result:

mongosh exit code on authentication failure

• When mongosh can’t connect/authenticate (e.g., MongoServerError: Authentication failed), it exits with a non‑zero status (commonly 1 in automation scenarios). To make your scripts robust, explicitly control the exit code rather than relying on shell behavior.

Pass credentials correctly (CLI)

MongoDB’s docs recommend providing username, password, and the user’s authentication database:

mongosh --host <host> --port 27017 \
  --username "<user>" --password \
  --authenticationDatabase "<authDb>"

--password with no value prompts securely. [1][2]

You can also use a URI (equivalent approach):

mongosh "mongodb://<user>:<pass>@<host>:27017/<db>?authSource=<authDb>"

(You typically want authSource=admin when the user is stored in admin.) [2]

Ensure a deterministic exit code in scripts

• If you need to exit mongosh with a specific code from a script, use process.exit(code) (recommended workaround in automation). [3]
• quit(<code>) passing through the exit code had a known issue in early mongosh, and was fixed so it works like the legacy shell in newer releases. [4]

Example “fail CI job if auth/connection fails” pattern:

mongosh "mongodb://<host>:27017/?authSource=<authDb>" \
  --username "<user>" --password --quiet \
  --eval 'db.runCommand({ ping: 1 }).ok ? process.exit(0) : process.exit(2)'

Quick checklist if you see “Authentication failed”

• Wrong --authenticationDatabase / authSource is the most common cause; it must match the DB where the user was created. [2]
• If using LDAP, --authenticationDatabase is typically $external. [2]

Sources: [1] [2] [3] [4]

---

Healthcheck on Line 63 will fail—MongoDB requires authentication but no credentials are provided.

With access control enabled via MONGO_INITDB_ROOT_USERNAME and MONGO_INITDB_ROOT_PASSWORD, the unauthenticated ping command will fail authentication and prevent dependent services from starting. Add credentials and use CMD-SHELL to ensure proper environment variable expansion.

🔧 Required fix

-      test: mongosh --quiet --host 127.0.0.1 --port 27017 --eval 'db.adminCommand("ping")'
+      test: ["CMD-SHELL", "mongosh --quiet --host 127.0.0.1 --port 27017 --username \"$${MONGO_INITDB_ROOT_USERNAME}\" --password \"$${MONGO_INITDB_ROOT_PASSWORD}\" --authenticationDatabase admin --eval 'quit(db.adminCommand({ ping: 1 }).ok ? 0 : 2)'"]

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@docker-compose.yaml` at line 63, The healthcheck command (the test line
invoking mongosh --quiet --host 127.0.0.1 --port 27017 --eval
'db.adminCommand("ping")') fails because MongoDB is running with access control;
update the healthcheck to run via CMD-SHELL and include authentication options:
add --username and --password referencing the environment variables
(MONGO_INITDB_ROOT_USERNAME and MONGO_INITDB_ROOT_PASSWORD) and set
--authenticationDatabase=admin so the ping runs authenticated; ensure the
wrapper uses CMD-SHELL to allow environment variable expansion and return a zero
exit code on success.

[codecov-commenter]

⚠️ Please install the to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.
❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Flag	Coverage Δ
backend-e2e	83.30% <ø> (+0.07%)	⬆️
backend-unit	67.91% <ø> (ø)
frontend-unit	86.86% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.
see 2 files with indirect coverage changes

Components	Coverage Δ
Backend	90.15% <ø> (+0.08%)	⬆️
Frontend	86.86% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.