Skip to content

fix(e2e): improve MongoDB test application stability and resource configuration #2013

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 7, 2025
Merged

fix(e2e): improve MongoDB test application stability and resource configuration #2013

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 28 additions & 11 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent-block.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ items:
# Used to format the block device (put filesystem on it).
# This allows Mongo to use the filesystem which lives on block device.
initContainers:
- image: docker.io/library/mongo:latest
- image: docker.io/library/mongo:7.0
imagePullPolicy: IfNotPresent
securityContext:
privileged: true
Expand Down Expand Up @@ -102,7 +102,7 @@ items:
- name: block-volume-pv
devicePath: /dev/xvdx
containers:
- image: docker.io/library/mongo:latest
- image: docker.io/library/mongo:7.0
name: mongo
securityContext:
privileged: true
Expand All @@ -117,8 +117,10 @@ items:
- containerPort: 27017
name: mongo
resources:
limits:
requests:
memory: 512Mi
limits:
memory: 1Gi
command:
- "sh"
- "-c"
Expand All @@ -131,23 +133,38 @@ items:
volumeDevices:
- name: block-volume-pv
devicePath: /dev/xvdx
livenessProbe:
tcpSocket:
port: mongo
initialDelaySeconds: 5
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
Comment on lines +136 to +155
Copy link

@coderabbitai coderabbitai bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Authentication mismatch between startup and readiness/liveness probes.

Same authentication inconsistency as the other two files: readinessProbe and livenessProbe lack credentials while startupProbe authenticates, causing probe failures once MongoDB enforces authentication.

Apply the authentication fix:

               readinessProbe:
                 exec:
                   command:
                   - /bin/bash
                   - -c
-                  - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                  - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
                 initialDelaySeconds: 30
                 periodSeconds: 10
                 timeoutSeconds: 5
                 failureThreshold: 3
               livenessProbe:
                 exec:
                   command:
                   - /bin/bash
                   - -c
-                  - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                  - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
                 initialDelaySeconds: 60
                 periodSeconds: 30
                 timeoutSeconds: 10
                 failureThreshold: 3
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
🤖 Prompt for AI Agents 
In tests/e2e/sample-applications/mongo-persistent/mongo-persistent-block.yaml
around lines 136 to 155, the readinessProbe and livenessProbe call mongosh
without authentication while startupProbe uses credentials, causing failures
when MongoDB requires auth; update both probes to use the same authentication
parameters as startupProbe (e.g., add the same --username, --password and
--authenticationDatabase flags or use the identical authenticated connection
string used by startupProbe) so all probes authenticate consistently and succeed
once auth is enforced.

startupProbe:
exec:
command:
- bash
- -c
- |
mongosh admin --authenticationDatabase admin -u "$MONGO_INITDB_ROOT_USERNAME" -p "$MONGO_INITDB_ROOT_PASSWORD" --eval 'db.adminCommand("ping")'
initialDelaySeconds: 5
periodSeconds: 30
timeoutSeconds: 2
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
name: curl-tool
command: ["/bin/sleep", "infinity"]
Expand Down
37 changes: 27 additions & 10 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent-csi.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ items:
spec:
serviceAccountName: mongo-persistent-sa
containers:
- image: docker.io/library/mongo:latest
- image: docker.io/library/mongo:7.0
imagePullPolicy: IfNotPresent
name: mongo
securityContext:
Expand All @@ -83,28 +83,45 @@ items:
- containerPort: 27017
name: mongo
resources:
limits:
requests:
memory: 512Mi
limits:
memory: 1Gi
volumeMounts:
- name: mongo-data
mountPath: /data/db
livenessProbe:
tcpSocket:
port: mongo
initialDelaySeconds: 5
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
Comment on lines +93 to +112
Copy link

@coderabbitai coderabbitai bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Authentication mismatch between startup and readiness/liveness probes.

Same issue as in mongo-persistent.yaml: readinessProbe and livenessProbe lack credentials while startupProbe authenticates. This will cause readiness/liveness probe failures once MongoDB enforces authentication.

Apply the same fix as in mongo-persistent.yaml to add authentication:

             readinessProbe:
               exec:
                 command:
                 - /bin/bash
                 - -c
-                - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
               initialDelaySeconds: 30
               periodSeconds: 10
               timeoutSeconds: 5
               failureThreshold: 3
             livenessProbe:
               exec:
                 command:
                 - /bin/bash
                 - -c
-                - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
               initialDelaySeconds: 60
               periodSeconds: 30
               timeoutSeconds: 10
               failureThreshold: 3
🤖 Prompt for AI Agents 
In tests/e2e/sample-applications/mongo-persistent/mongo-persistent-csi.yaml
around lines 93 to 112, the readinessProbe and livenessProbe exec commands call
mongosh without credentials while the startupProbe uses authentication; update
both probes to use the same authentication options as the startupProbe (e.g.,
add --username, --password and --authenticationDatabase or switch to the same
authenticated connection string used by startupProbe) so the probes can
authenticate once MongoDB enforces auth; ensure shell quoting/escaping matches
the startupProbe invocation.

startupProbe:
exec:
command:
- bash
- -c
- |
mongosh admin --authenticationDatabase admin -u "$MONGO_INITDB_ROOT_USERNAME" -p "$MONGO_INITDB_ROOT_PASSWORD" --eval 'db.adminCommand("ping")'
initialDelaySeconds: 5
periodSeconds: 30
timeoutSeconds: 2
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
name: curl-tool
command: ["/bin/sleep", "infinity"]
Expand Down
37 changes: 27 additions & 10 deletions tests/e2e/sample-applications/mongo-persistent/mongo-persistent.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ items:
spec:
serviceAccountName: mongo-persistent-sa
containers:
- image: docker.io/library/mongo:latest
- image: docker.io/library/mongo:7.0
imagePullPolicy: IfNotPresent
name: mongo
securityContext:
Expand All @@ -96,28 +96,45 @@ items:
- containerPort: 27017
name: mongo
resources:
limits:
requests:
memory: 512Mi
limits:
memory: 1Gi
volumeMounts:
- name: mongo-data
mountPath: /data/db
livenessProbe:
tcpSocket:
port: mongo
initialDelaySeconds: 5
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
Comment on lines +106 to +125
Copy link

@coderabbitai coderabbitai bot Nov 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Authentication mismatch between startup and readiness/liveness probes.

The readinessProbe and livenessProbe execute mongosh without credentials (lines 106-115, 116-125), while the startupProbe (line 127+) authenticates using MONGO_INITDB_ROOT_USERNAME and MONGO_INITDB_ROOT_PASSWORD. Since MongoDB is initialized with root credentials via environment variables, the readiness and liveness probes will fail with authentication errors, preventing the pod from becoming ready even after startup succeeds.

Apply this diff to add authentication to both probes:

             readinessProbe:
               exec:
                 command:
                 - /bin/bash
                 - -c
-                - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
               initialDelaySeconds: 30
               periodSeconds: 10
               timeoutSeconds: 5
               failureThreshold: 3
             livenessProbe:
               exec:
                 command:
                 - /bin/bash
                 - -c
-                - "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
+                - "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
               initialDelaySeconds: 60
               periodSeconds: 30
               timeoutSeconds: 10
               failureThreshold: 3
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
readinessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
livenessProbe:
exec:
command:
- /bin/bash
- -c
- "mongosh admin --authenticationDatabase admin -u \"$MONGO_INITDB_ROOT_USERNAME\" -p \"$MONGO_INITDB_ROOT_PASSWORD\" --eval 'db.runCommand(\"ping\")' --quiet"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3

startupProbe:
exec:
command:
- bash
- -c
- |
mongosh admin --authenticationDatabase admin -u "$MONGO_INITDB_ROOT_USERNAME" -p "$MONGO_INITDB_ROOT_PASSWORD" --eval 'db.adminCommand("ping")'
initialDelaySeconds: 5
periodSeconds: 30
timeoutSeconds: 2
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 40 # 40x30sec before restart pod
failureThreshold: 12 # 12x10sec = 2min before restart pod
- image: docker.io/curlimages/curl:8.5.0
name: curl-tool
command: ["/bin/sleep", "infinity"]
Expand Down