Allow Mongo entrypoint to read existing db data under hardening #17

Workflow file for this run

.github/workflows/stack-smoke.yml at 0266d5d

	name: Stack Smoke

	on:
	workflow_dispatch:
	pull_request:
	branches:
	- main
	- dev
	push:
	branches:
	- main
	- dev

	jobs:
	smoke:
	runs-on: ubuntu-latest
	timeout-minutes: 40

	steps:
	- name: Check Out
	uses: actions/checkout@v4

	- name: Prepare CI Env
	shell: bash
	run: \|
	set -Eeuo pipefail

	mkdir -p secrets
	# Compose still mounts the gcp_sa secret into api/rag_api, but this CI lane
	# does not authenticate to Google or use Vertex. A stub file is enough.
	if [[ ! -f secrets/gcp-sa.json ]]; then
	printf '{}' > secrets/gcp-sa.json
	fi

	cat > .env <<'EOF'
	APP_TITLE=LibreChat CI
	ENDPOINTS=openAI,agents
	DOMAIN_CLIENT=http://localhost:3081
	DOMAIN_SERVER=http://localhost:3081
	NO_INDEX=true
	TRUST_PROXY=1

	RAG_PORT=8000
	BUNDLER_PORT=31234

	MEILI_MASTER_KEY=ci_meili_master_key
	MEILI_LOG_LEVEL=WARN
	JWT_SECRET=ci_jwt_secret_1234567890
	JWT_REFRESH_SECRET=ci_jwt_refresh_secret_1234567890

	MONGO_ROOT_USER=lc_root
	MONGO_ROOT_PASSWORD=lc_root_password
	MONGO_APP_USER=lc_app
	MONGO_APP_PASSWORD=lc_app_password

	POSTGRES_DB=librechat
	POSTGRES_USER=postgres
	POSTGRES_PASSWORD=postgres

	EMBEDDINGS_PROVIDER=openai
	EMBEDDINGS_MODEL=text-embedding-3-small
	PDF_EXTRACT_IMAGES=False

	OPENAI_API_KEY=public
	OPENAI_MODELS=big-pickle
	OPENAI_REVERSE_PROXY=https://opencode.ai/zen/v1
	OPENAI_TITLE_MODEL=big-pickle

	EGRESS_PROXY_URL=http://egress-proxy:3128
	DOCKER_LOG_MAX_SIZE=10m
	DOCKER_LOG_MAX_FILE=3
	NO_PROXY=localhost,127.0.0.1,::1,mongodb,chat-mongodb,meilisearch,vectordb,rag_api,sandpack,sandpack-static,caddy-static-proxy,api-proxy,egress-proxy,code-interpreter-api

	LIBRECHAT_CODE_BASEURL=http://code-interpreter-api:8000
	LIBRECHAT_CODE_API_KEY=ci-local-code-key
	CODE_INTERPRETER_PORT=8001
	CODE_INTERPRETER_IMAGE=ghcr.io/usnavy13/librecodeinterpreter:dev
	CODE_INTERPRETER_MINIO_ACCESS_KEY=ci_minio_user
	CODE_INTERPRETER_MINIO_SECRET_KEY=ci_minio_password
	CODE_INTERPRETER_MINIO_BUCKET=code-interpreter-files
	CODE_INTERPRETER_LOG_LEVEL=WARNING
	CODE_INTERPRETER_REPL_ENABLED=false
	CODE_INTERPRETER_SANDBOX_POOL_ENABLED=false

	SEARXNG_API_KEY=ci-searxng-api-key
	SEARXNG_INSTANCE_URL_INTERNAL=http://searxng-auth:8080
	SEARXNG_INSTANCE_URL=http://searxng:8080
	SEARXNG_BASE_URL=http://searxng:8080/
	SEARXNG_SECRET=ci-searxng-secret
	SEARXNG_PORT=8080

	FIRECRAWL_API_KEY=ci-firecrawl
	FIRECRAWL_API_URL=http://firecrawl-api:3002
	FIRECRAWL_VERSION=v2
	FIRECRAWL_LOG_LEVEL=warn
	FIRECRAWL_BULL_AUTH_KEY=ci-firecrawl-bull-auth
	FIRECRAWL_MAX_CONCURRENT_JOBS=2
	FIRECRAWL_NUM_WORKERS_PER_QUEUE=2
	FIRECRAWL_CRAWL_CONCURRENT_REQUESTS=4
	FIRECRAWL_BROWSER_POOL_SIZE=2
	FIRECRAWL_MAX_CONCURRENT_PAGES=4

	JINA_API_KEY=ci-jina
	JINA_API_URL=http://jina-reranker:8000/librechat/v1/rerank
	JINA_RERANKER_PORT=8787
	JINA_RERANKER_MODEL_NAME=jinaai/jina-reranker-v1-tiny-en
	JINA_RERANKER_IMAGE=librechat-jina-reranker:da638699-tiny-en
	JINA_RERANKER_LOG_LEVEL=WARNING
	JINA_RERANKER_MAX_BATCH_SIZE=2
	JINA_RERANKER_OMP_NUM_THREADS=1

	LIBRECHAT_WEB_SEARCH_RESULT_COUNT=3
	LIBRECHAT_WEB_SEARCH_MAX_SOURCES=2
	LIBRECHAT_WEB_SEARCH_HIGHLIGHT_COUNT=2
	LIBRECHAT_WEB_SEARCH_SOURCE_CHAR_LIMIT=8000
	LIBRECHAT_WEB_SEARCH_SNIPPET_CHAR_LIMIT=300
	LIBRECHAT_WEB_SEARCH_HIGHLIGHT_CHAR_LIMIT=350
	EOF

	- name: Log In To GHCR
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.actor }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Run Stack Smoke
	shell: bash
	run: \|
	chmod +x scripts/ci/smoke.sh
	export SMOKE_CLEAN_VOLUMES=1
	./scripts/ci/smoke.sh

	- name: Upload Smoke Diagnostics
	if: failure()
	uses: actions/upload-artifact@v4
	with:
	name: stack-smoke-diagnostics
	path: ci_artifacts/
	if-no-files-found: warn
	retention-days: 7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Allow Mongo entrypoint to read existing db data under hardening #17

Workflow file

Allow Mongo entrypoint to read existing db data under hardening #17

Uh oh!

Workflow file for this run