Search code examples
postgresqldockergitlabgitlab-cigitlab-ci-runner

Why is postgres container ignoring /docker-entrypoint-initdb.d/* in Gitlab CI

Gitlab CI keeps ignoring the sql-files in /docker-entrypoint-initdb.d/* in this project.

here is docker-compose.yml:

version: '3.6'

services:

  testdb:
    image: postgres:11
    container_name: lbsn-testdb
    restart: always
    ports:
      - "65432:5432"
    volumes:
      - ./testdb/init:/docker-entrypoint-initdb.d

here is .gitlab-ci.yml:

stages:
  - deploy

deploy:
  stage: deploy
  image: debian:stable-slim
  script:
    - bash ./deploy.sh

The deployment script basically uses rsync to deploy the content of the repository to to the server via SSH:

rsync -rav --chmod=Du+rwx,Dgo-rwx,u+rw,go-rw -e "ssh -l gitlab-ci" --exclude=".git" --delete ./ "gitlab-ci@$DEPLOY_SERVER:test/"

and then ssh's into the server to stop and restart the container:

ssh "gitlab-ci@$DEPLOY_SERVER" "cd test && docker-compose down && docker-compose up --build --detach"

This all goes well, but when the container starts up, it is supposed to run all the files that are in /docker-entrypoint-initdb.d/* as we can see here.

But instead, when doing docker logs -f lbsn-testdb on the server, I can see it stating

/usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*

and I have no clue, why that happens. When running this container locally or even when I ssh to that server, clone the repo and bring up the containers manually, it all goes well and parses the sql-files. Just not when the Gitlab CI does it.

Any ideas on why that is?

Solution

  • This has been easier than I expected, and fatally nothing to do with Gitlab CI but with file permissions.

    I passed --chmod=Du+rwx,Dgo-rwx,u+rw,go-rw to rsync which looked really secure because only the user can do stuff. I confess that I propably copypasted it from somewhere on the internet. But then the files are mounted to the Docker container, and in there they have those permissions as well:

    -rw------- 1 1005 1004 314 May  8 15:48 100-create-database.sql

    On the host my gitlab-ci user owns those files, they are obviously also owned by some user with ID 1005 in the container as well, and no permissions are given to other users than this one.

    Inside the container the user who does things is postgres though, but it can't read those files. Instead of complaining about that, it just ignores them. That might be something to create an issue about…

    Now that I pass --chmod=D755,F644 it looks like that:

    -rw-r--r--  1 1005 1004  314 May  8 15:48 100-create-database.sql

    and the docker logs say

    /usr/local/bin/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/100-create-database.sql

    Too easy to think of in the first place :-/