GitHub - akoserwal/authzed-postgresql: U...
# spicedbo
oupwcup
12/01/2023, 6:18 AMHi team I understand its pretty common to run migrate in a separate docker container, i did sth like this repo https://github.com/akoserwal/authzed-postgresql
however we have some internal infra constraint, I see the base image has entrypoint to spicedb. Given bash is not available, I wonder if there's way to do spicedb migarte and serve in the same dockerfile?
v
vroldanbet
12/01/2023, 10:33 AMyou can use the debug container, which does have a shell available: https://hub.docker.com/layers/authzed/spicedb/v1.28.0-debug/images/sha256-aa003d598441b4b668c6fe0b29bdca9ae205306e0d8ef7b67cd234e18f4bed6e?context=explore
What are the infra constraints? How are you running SpiceDB, is this inside kubernetes?
vroldanbet
12/01/2023, 10:34 AMAlso please note that it's not as simple as "running migrate". Some migrations need orchestration. That's one of the many reasons we recommend using the SpiceDB operator when possible, because it knows how to apply migrations via an "update graph".
vroldanbet
12/01/2023, 10:35 AMIf you just run
migrateo
oupwcup
12/01/2023, 11:42 AMthanks for the reply!
Yeah but i guess debug container is not suitable for production environment?
infra constraints - we are likely only able to do it without kubernetes. currently im running a api container, spicedb as a sidecar, the problem with migration container is that it completes migration and shutdown, which cannot pass our internal health check
oupwcup
12/01/2023, 11:43 AMappreciate if any suggestions
v
vroldanbet
12/01/2023, 11:54 AMThere are various options that occur to me, one is that you create your own SpiceDB container with whatever works for you. Another option is to create your own SpiceDB binary that runs Migration as part of the startup process. You can basically take SpiceDB's
main.goo
oupwcup
12/01/2023, 12:22 PMfirst option, is this sth multistage dockerfile can do? I wonder if you have any examples, thanks!
v
vroldanbet
12/01/2023, 12:58 PMYou don't need to build your own stuff if in the end you are going to tinker with the execution of the container. You could play around with entrypoints and stuff as described in https://www.baeldung.com/linux/docker-cmd-multiple-commands, and create a shell script that first runs migrate and then SpiceDB. Then you'll need to make sure that OS signals that are sent to the shell process are also sent to their children, https://veithen.io/2014/11/16/sigterm-propagation.html describes a bit how to do this
vroldanbet
12/01/2023, 1:03 PMbut this really seems like an important limitation of whatever in house platform you are using. short lived processes are fairly common.
vroldanbet
12/01/2023, 1:26 PMColleague also pointed to https://github.com/Yelp/dumb-init
o
oupwcup
12/04/2023, 6:11 AMis migrate command no longer available via zed?
v
vroldanbet
12/04/2023, 11:36 AMI don't think migrate was ever available in zed? That'd be news to me
o
oupwcup
12/04/2023, 11:51 PMhmm.. was searching in threads
https://discord.com/channels/844600078504951838/900405749405089812/948242955553095740
v
vroldanbet
12/05/2023, 11:07 AMthat was my bad, corrected my comment