Run spicedb as github action service SpiceDB #spicedb

Run spicedb as github action service

tonnenpinguin

02/10/2025, 12:17 PM

Hi all! I've been trying to run spicedb as a service in a github action that looks something like this

Copy code

jobs:
  build:
    runs-on: ubuntu-latest
    container: hexpm/elixir
    services:
      spicedb:
        image: authzed/spicedb
        env:
          SPICEDB_LOG_FORMAT: console
        
      postgres:
        image: postgres:14
    steps:
      - uses: actions/checkout@v4

The problem I keep facing is that since GitHub [still doesn't support](https://github.com/actions/runner/discussions/1872) passing commands I couldn't find a way to run

spicedb serve-testing

in the github workflow. I found [authzed/action-spicedb](github.com/authzed/action-spicedb) but as others have reported that only seems to work if the workflow is running on the host. I tried to override the containers entrypoint but for the life of me couldn't get it to accept a flag 😦 The only thing I can think about is to create our own image and overwrite the entrypoint there (similar to how it's done in the authzed gh action) Did somebody figure out a more elegant way to do this ?

vroldanbet

02/10/2025, 12:34 PM

can you help me understand in which scenarios the workflow is not running on the host?

vroldanbet

02/10/2025, 12:35 PM

Perhaps you could explore installing the process in the runner node and see if that allows you to customize the command. I believe the release process pushes so you should be able to use ubuntu / debian package manager to install it

vroldanbet

02/10/2025, 12:36 PM

other than that, I don't see an alternative to building a custom docker image that has serve-testing as entry point

tonnenpinguin

02/10/2025, 2:12 PM

When setting jobs.build.container we use a container (in my example

hexpm/elixir

) to run the workflow. Basically we're trying to get around setting up our whole build environment within the github action and instead offload the initial setup to a docker container. > you should be able to use ubuntu / debian package manager to install it Ah, that's a great idea! Had my blinders on 🙈 Following the [installation docs](https://authzed.com/docs/spicedb/getting-started/install/debian#installing-spicedb-using-apt-get) and then just running

spicedb serve-testing &

did the trick. Thanks! 🙂

vroldanbet

02/10/2025, 3:35 PM

great to hear, if you have an example to share that'd be great, so we can put it in our public docs, our you could contribute your recommendations to it a well https://github.com/authzed/docs

tonnenpinguin

03/12/2025, 12:19 PM

Essentially I just added these two steps to my github workflow:

Copy code

jobs:
  build:
    runs-on: ubuntu-latest
    container: hexpm/elixir:1.16.0-erlang-26.0.2-debian-bookworm-20231009-slim
    services:
      postgres:
        image: postgres:14
        env:
          POSTGRES_PASSWORD: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v4
      - name: Install Native dependencies
        run: apt update && apt install -y build-essential curl
      - name: Install SpiceDB
        run: |
          curl -sS https://pkg.authzed.com/apt/gpg.key | gpg --dearmor --yes -o /etc/apt/keyrings/spicedb.gpg
          echo "deb [signed-by=/etc/apt/keyrings/spicedb.gpg] https://pkg.authzed.com/apt/ * *"  | tee /etc/apt/sources.list.d/authzed.list
          chmod 644 /etc/apt/sources.list.d/authzed.list
          apt update && apt install spicedb
      - name: Start SpiceDB
        run: spicedb serve-testing &

Subsequent steps can then use the running spicedb instance 🙂

17 Views

Previous Next