ci: docker ci

[GaoNeng-wWw]

PR

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our Commit Message Guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Documentation content changes
• Other... Please describe:

What is the current behavior?

Issue Number: N/A

What is the new behavior?

现在可以在PR下评论/cmd docker --check来对本次PR进行docker构建与运行检查

Does this PR introduce a breaking change?

• Yes
• No

Other information

Summary by CodeRabbit

• New Features

  • Introduced Docker health check workflow that can be triggered via pull request comments to validate service dependencies, connectivity, and overall health status during development and code review.

• Chores

  • Refactored end-to-end test workflow for improved code organization.
  • Enhanced continuous integration setup with environment configuration and Docker Compose definitions to support automated testing.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Introduces a new GitHub Actions workflow for Docker health checks triggered via pull request comments, adds CI environment configuration, and includes a Docker Compose setup defining MySQL, Redis, and backend services. The e2e-test workflow is reformatted without logic changes.

Changes

Cohort / File(s)	Summary
GitHub Actions workflows \.github/workflows/docker-check\.yaml, \.github/workflows/e2e-test\.yml	New Docker health-check workflow triggered on PR issue comments; performs service health verification and reports status back to PR. e2e-test workflow reformatted with no functional changes.
NestJS CI Configuration template/nestJs/.env-ci, template/nestJs/docker-compose-ci\.yml	New CI environment configuration file with database, Redis, auth, and feature flags. New Docker Compose setup defining MySQL 8, Redis, and backend service with inter-service networking and volume mounts.

Sequence Diagram(s)

sequenceDiagram
    actor User
    participant GitHub as GitHub Actions
    participant Docker as Docker Compose
    participant MySQL
    participant Redis
    participant Backend
    participant HealthCheck as HTTP Check
    participant PR as PR Comment

    User->>GitHub: Comment `/cmd docker --check` on PR
    GitHub->>PR: Post initial status (pending)
    GitHub->>Docker: Build & start services
    Docker->>MySQL: Start MySQL service
    Docker->>Redis: Start Redis service
    Docker->>Backend: Build & start backend
    Backend->>MySQL: Wait for readiness
    Backend->>Redis: Connect to Redis
    rect rgb(200, 255, 200)
        Note over HealthCheck: Health Check Phase
        GitHub->>HealthCheck: Poll /health endpoint
        HealthCheck->>Backend: HTTP request
        Backend-->>HealthCheck: 200 OK
    end
    alt Health Check Success
        GitHub->>PR: Post success status & logs link
    else Health Check Failure
        GitHub->>Docker: Fetch service logs
        GitHub->>PR: Post failure status & full CI logs link
    end
    GitHub->>Docker: Shutdown services

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• docker-check.yaml: Review workflow logic, conditional branches, status update mechanisms, and comment reuse pattern
• docker-compose-ci.yml: Verify service configurations, networking setup, volume mounts, and environment variable injection
• .env-ci: Validate all environment variables are properly set and match expected NestJS application requirements
• .github/workflows/e2e-test.yml: Minimal review needed; confirm reformatting does not alter intended behavior

Poem

🐰 A rabbit runs the Docker check,
With MySQL, Redis—what the heck!
Health checks ping through the night,
Services dance, statuses bright.
PRs pass with fluffy delight! 🚀✨

Pre-merge checks and finishing touches

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'ci: docker ci' is vague and repetitive, using non-descriptive phrasing that doesn't clearly convey the specific purpose of the changes.	Consider using a more descriptive title like 'ci: add Docker health-check workflow triggered by comment command' to better clarify the feature being added.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (5)

template/nestJs/.env-ci (1)

4-4: Consider documenting CI-only credential usage.

Hardcoded credentials (root/root for database, secret for auth) are present. While acceptable for CI environments, consider adding a comment clarifying these are CI-only values to prevent accidental production use.

Also applies to: 8-8

template/nestJs/docker-compose-ci.yml (3)

1-1: Remove outdated compose version specification.

The version: "3" field is obsolete in modern Docker Compose (v2+). The Compose specification no longer requires or recommends version pinning.

Apply this diff:

-version: "3"
-
 services:

---

12-13: Consider using modern MySQL authentication.

--mysql-native-password=ON enables the legacy authentication plugin. Modern MySQL 8 defaults to caching_sha2_password, which is more secure. If your application supports it, consider removing this flag or migrating to the modern auth plugin.

---

29-31: Add health checks to ensure service readiness.

depends_on only ensures services start in order, not that they're ready to accept connections. The back service may attempt to connect before MySQL/Redis are ready, causing startup failures.

Consider adding health checks:

   mysql:
     image: mysql:8
     restart: always
     environment:
       MYSQL_ROOT_PASSWORD: root
       MYSQL_DATABASE: demo_tiny_pro
     ports:
       - "3306:3306"
     command:
       - --mysql-native-password=ON
+    healthcheck:
+      test: ["CMD", "mysqladmin", "ping", "-h", "localhost"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
   redis:
     image: redis
     ports:
       - "6379:6379"
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
   back:
     # ... existing config ...
     depends_on:
-      - mysql
-      - redis
+      mysql:
+        condition: service_healthy
+      redis:
+        condition: service_healthy

.github/workflows/docker-check.yaml (1)

42-52: Consider aligning timeout strategies.

"Wait Service" times out at 60s, but the health check curl can retry for ~100s (20 retries × 5s). Consider documenting this two-stage wait strategy or aligning the timeouts for consistency.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bf2c8a0 and d1e0857.

📒 Files selected for processing (4)

• .github/workflows/docker-check.yaml (1 hunks)
• .github/workflows/e2e-test.yml (1 hunks)
• template/nestJs/.env-ci (1 hunks)
• template/nestJs/docker-compose-ci.yml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.9)

.github/workflows/docker-check.yaml

26-26: the runner of "peter-evans/create-or-update-comment@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

56-56: the runner of "peter-evans/create-or-update-comment@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

---

72-72: the runner of "peter-evans/create-or-update-comment@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: e2e-test

🔇 Additional comments (2)

.github/workflows/e2e-test.yml (1)

1-46: LGTM! Formatting changes only.

The workflow structure and logic remain unchanged. The reformatting improves consistency.

template/nestJs/docker-compose-ci.yml (1)

19-21: Verify dockerfile exists in template/nestJs/.

The build references dockerfile (lowercase). Ensure this file exists at the correct location with the correct filename case.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Update action to v4 for Node.js 20 compatibility.

Based on static analysis, peter-evans/create-or-update-comment@v3 uses an outdated runner. GitHub Actions now requires Node.js 20.

Apply this diff to update all three usages:

-        uses: peter-evans/create-or-update-comment@v3
+        uses: peter-evans/create-or-update-comment@v4

Also applies to: 56-56, 72-72

🧰 Tools

🪛 actionlint (1.7.9)

26-26: the runner of "peter-evans/create-or-update-comment@v3" action is too old to run on GitHub Actions. update the action's version to fix this issue

(action)

🤖 Prompt for AI Agents

.github/workflows/docker-check.yaml around lines 26, 56 and 72: the workflow
uses peter-evans/create-or-update-comment@v3 which is incompatible with Node.js
20; update each occurrence to peter-evans/create-or-update-comment@v4 (replace
@v3 with @v4 at lines 26, 56 and 72) so the action uses the v4 release that
supports the newer runner.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Wait condition may pass prematurely.

The check waits for at least 1 service to be running (>= 1), but docker-compose-ci.yml defines 3 services (mysql, redis, back). This could allow the workflow to proceed before all services are ready.

Apply this diff to wait for all services:

           timeout 60 bash -c '
-            until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -ge 1 ]]; do
+            until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -eq 3 ]]; do
               sleep 2
             done
           '

Alternatively, wait only for the critical back service:

           timeout 60 bash -c '
-            until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -ge 1 ]]; do
+            until docker compose -f docker-compose-ci.yml ps back | grep -q "Up"; do
               sleep 2
             done
           '

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Wait Service
	working-directory: ./template/nestJs
	run: |
	timeout 60 bash -c '
	until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -ge 1 ]]; do
	sleep 2
	done
	'
	- name: Wait Service
	working-directory: ./template/nestJs
	run: |
	timeout 60 bash -c '
	until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -eq 3 ]]; do
	sleep 2
	done
	'

Suggested change

	- name: Wait Service
	working-directory: ./template/nestJs
	run: |
	timeout 60 bash -c '
	until [[ "$(docker compose -f docker-compose-ci.yml ps --services --filter "status=running" | wc -l)" -ge 1 ]]; do
	sleep 2
	done
	'
	- name: Wait Service
	working-directory: ./template/nestJs
	run: |
	timeout 60 bash -c '
	until docker compose -f docker-compose-ci.yml ps back | grep -q "Up"; do
	sleep 2
	done
	'

🤖 Prompt for AI Agents

.github/workflows/docker-check.yaml around lines 42 to 49: the current wait loop
checks for >= 1 running service which can pass before mysql and redis are ready;
change the condition to wait for all three services by testing for >= 3 running
services (or, if only the application depends on the backend, replace the count
check with a check that the specific service name "back" is running). Update the
until condition accordingly and keep the same timeout/sleep logic so the
workflow only proceeds when the required services are up.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Ensure cleanup runs even on failure.

The shutdown step lacks if: always(), so services remain running if earlier steps fail, wasting CI resources.

Apply this diff:

       - name: Shutdown Service
+        if: always()
         working-directory: ./template/nestJs
         run: docker compose -f docker-compose-ci.yml down

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	- name: Shutdown Service
	working-directory: ./template/nestJs
	run: docker compose -f docker-compose-ci.yml down
	- name: Shutdown Service
	if: always()
	working-directory: ./template/nestJs
	run: docker compose -f docker-compose-ci.yml down

🤖 Prompt for AI Agents

.github/workflows/docker-check.yaml around lines 80 to 82: the "Shutdown
Service" step currently runs "docker compose ... down" but does not include a
condition to always run; modify the step to include "if: always()" so it
executes regardless of previous step outcome, ensuring containers are stopped
and resources cleaned up even when earlier steps fail.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Inconsistent host configuration with docker-compose overrides.

DATABASE_HOST and REDIS_HOST are set to 'localhost' here, but docker-compose-ci.yml overrides them to 'mysql' and 'redis' (service names). This mismatch creates confusion and maintenance risk.

Consider setting the correct values directly in .env-ci:

-DATABASE_HOST = 'localhost'
+DATABASE_HOST = 'mysql'

-REDIS_HOST = 'localhost'
+REDIS_HOST = 'redis'

This makes the configuration self-documenting and reduces reliance on docker-compose overrides.

Also applies to: 10-10

🤖 Prompt for AI Agents

In template/nestJs/.env-ci around lines 1 to 1 (and also check lines 10-10),
DATABASE_HOST (and REDIS_HOST) are set to 'localhost' which contradicts
docker-compose-ci.yml that uses service names; update DATABASE_HOST to the MySQL
service name (mysql) and REDIS_HOST to the Redis service name (redis), remove
the unnecessary single quotes so values are the literal service names, and
ensure any other occurrences in the file (notably the referenced lines 10-10)
are updated to match.