Update staging compose for demo/preview deployments #1181
Update docker-compose.staging.yml to serve as the standard config for staging, demo, and branch preview environments:
- Remove local Postgres (DB is always external via DATABASE_IP)
- Add RabbitMQ container for Celery task broker
- Add NATS container (was present but commented out in depends_on)
- Add restart:always to all services
- Switch from .envs/.local/.postgres to .envs/.production/.postgres
- Remove hardcoded container_name on NATS (allows multiple instances)
- Remove awscli service (backups handled by TeamCity)
- RabbitMQ credentials configured via .envs/.production/.django, not hardcoded in compose

Add compose/staging/docker-compose.db.yml as an optional convenience for running a local PostgreSQL container when no external DB is available (e.g., ood environment, local testing).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

gunicorn 20.x requires pkg_resources from setuptools, which was removed in setuptools 82+. Fresh Docker image builds fail with ModuleNotFoundError on startup. gunicorn 23 drops the pkg_resources dependency entirely.

Closes #1180

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Walkthrough
Staging compose now provides an optional local Postgres file and moves Redis, RabbitMQ, and NATS to local containers while Django uses an external DATABASE_IP for Postgres. Gunicorn bumped from 20.1.0 to 23.0.0 in requirements.
Sequence Diagram(s)
```mermaid
sequenceDiagram
    participant Dev as Developer / CI
    participant Compose as docker-compose (staging)
    participant Django as Django container
    participant Postgres as Postgres (external or compose.db)
    participant Redis as Redis
    participant Rabbit as RabbitMQ
    participant NATS as NATS
    Dev->>Compose: up -d (docker-compose.staging.yml)
    Compose->>Redis: start
    Compose->>Rabbit: start
    Compose->>NATS: start
    Compose->>Django: start (depends_on checks)
    Django->>Postgres: connect via DATABASE_IP / env_file
    Django->>Redis: cache/session usage
    Django->>Rabbit: publish/consume tasks
    Django->>NATS: pub/sub telemetry
    Rabbit->>Celery: deliver tasks (celery workers)
```
Estimated code review effort: 🎯 3 (Moderate) | ⏱️ ~20 minutes
Pre-merge checks: ✅ 5 passed
Actionable comments posted: 3
🧹 Nitpick comments (1)
docker-compose.staging.yml (1)
68-70: Bind RabbitMQ management UI to localhost by default.
Line 69 exposes `15672` broadly; in staging/demo this is safer as localhost-bound unless remote admin access is explicitly needed.
Proposed hardening
ports: - - "15672:15672" + - "127.0.0.1:15672:15672"🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@docker-compose.staging.yml` around lines 68 - 70, The ports mapping currently exposes the RabbitMQ management UI publicly via the line with "15672:15672"; change the ports entry so the management port is bound to localhost only (e.g., use a host IP prefix like 127.0.0.1:15672:15672) under the same ports block so the service still restarts as configured (restart: always) but the management UI is only accessible from the host machine.
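Review bot: the replacement line `"127.0.0.1:15672:15672"` still pins host port 15672, so a second stack on the same host (the branch-preview case this PR targets) fails to start on a port conflict; the loopback bind narrows exposure but does not address that. Suggest making the host side a variable with the loopback bind kept, or dropping the mapping where the management UI is not needed.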
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@compose/staging/docker-compose.db.yml`:
- Around line 5-17: The comments are ambiguous about DB connectivity modes
(Docker network vs host bridge). Update the header comments in
compose/staging/docker-compose.db.yml to clearly state which mode the stack
expects: if the app uses POSTGRES_HOST=db (container-to-container via Docker
network) remove or reword the DATABASE_IP/host-bridge instructions;
alternatively, if the intended workflow requires the host bridge and
DATABASE_IP, change the POSTGRES_HOST guidance accordingly and explain when to
start the DB with docker compose -f compose/staging/docker-compose.db.yml up -d
vs when to set DATABASE_IP for the app compose. Ensure you reference
POSTGRES_HOST and DATABASE_IP and mention the two compose files
(compose/staging/docker-compose.db.yml and docker-compose.staging.yml) so
readers know which mode each file supports.
- Around line 35-36: The compose file currently publishes PostgreSQL on all
interfaces via the ports mapping `ports: - "5432:5432"`; change this to bind to
localhost by replacing it with `ports: - "127.0.0.1:5432:5432"` (or remove the
ports mapping entirely and rely on an internal network) so Postgres only listens
on loopback for staging/demo unless external access is explicitly required;
update any documentation or scripts that expect an externally accessible port
accordingly.
In `@docker-compose.staging.yml`:
- Around line 14-15: The rabbitmq service is missing an env_file so it doesn't
pick up RABBITMQ_DEFAULT_USER/RABBITMQ_DEFAULT_PASS from
.envs/.production/.django; update the rabbitmq service definition to add an
env_file pointing to .envs/.production/.django (so the RABBITMQ_DEFAULT_USER and
RABBITMQ_DEFAULT_PASS values are loaded) and remove or override any conflicting
environment: entries if present; ensure the service name "rabbitmq" and the
variables RABBITMQ_DEFAULT_USER / RABBITMQ_DEFAULT_PASS are used consistently
with Django's CELERY_BROKER_URL.
📒 Files selected for processing (3)
- compose/staging/docker-compose.db.yml
- docker-compose.staging.yml
- requirements/base.txt
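An added example (not part of the PR or of either bot's review): a check that generalizes the findings above about `5432:5432` and `15672:15672` to every service by reading the rendered config. It assumes the long-form `ports` entries that `docker compose config --format json` emits; the sample config, the function names and the container port 5000 are constructed.

```python
import ipaddress
import json

# Constructed sample shaped like `docker compose config --format json` output
# (an assumption about the rendered form); names and ports follow the PR thread.
SAMPLE_CONFIG = json.dumps({"services": {
    "db": {"ports": [
        {"mode": "ingress", "target": 5432, "published": "5432", "protocol": "tcp"}]},
    "rabbitmq": {"ports": [
        {"mode": "ingress", "host_ip": "127.0.0.1", "target": 15672,
         "published": "15672", "protocol": "tcp"}]},
    "redis": {},  # no host ports: reachable only on the Docker network
    "django": {"ports": [  # container port 5000 is a constructed value
        {"mode": "ingress", "host_ip": "0.0.0.0", "target": 5000,
         "published": "5001", "protocol": "tcp"}]},
}})


def is_loopback(host_ip):
    """True only for an explicit loopback bind; a missing host_ip means all interfaces."""
    if not host_ip:
        return False
    try:
        return ipaddress.ip_address(host_ip.strip("[]")).is_loopback
    except ValueError:
        return False  # unresolved variable or hostname: treat as exposed


def exposed_ports(config_json, allowed=()):
    """Return (service, published, target) for host ports not bound to loopback."""
    services = json.loads(config_json).get("services", {})
    findings = []
    for name, svc in sorted(services.items()):
        if name in allowed:  # services that are meant to be reachable
            continue
        for port in svc.get("ports", []):
            if port.get("published") and not is_loopback(port.get("host_ip")):
                findings.append((name, str(port["published"]), int(port["target"])))
    return findings


if __name__ == "__main__":
    for service, published, target in exposed_ports(SAMPLE_CONFIG, allowed=("django",)):
        print(f"{service}: host port {published} -> {target} listens on all interfaces")
```

Run against real output in CI, a non-empty result can fail the build before a staging or preview stack is deployed.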
Pull request overview
Updates the staging Docker Compose setup to be a shared baseline for staging/demo/branch-preview deployments by running Redis/RabbitMQ/NATS locally while connecting to an external Postgres via DATABASE_IP, and upgrades Gunicorn to avoid fresh-build failures on slim Python images.
Changes:
- Upgrade `gunicorn` to `23.0.0`.
- Revise `docker-compose.staging.yml` to remove the local Postgres service and add local RabbitMQ + NATS (with restarts and updated env-file usage).
- Add an optional `compose/staging/docker-compose.db.yml` for running a local Postgres container.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| requirements/base.txt | Bumps Gunicorn to 23.0.0. |
| docker-compose.staging.yml | Reworks staging compose to use external DB + local Redis/RabbitMQ/NATS. |
| compose/staging/docker-compose.db.yml | Adds an optional local Postgres compose for staging-like setups. |
- Add env_file to rabbitmq service so it picks up
RABBITMQ_DEFAULT_USER/RABBITMQ_DEFAULT_PASS from .django env
- Use ${DATABASE_IP:?} required-variable syntax for fail-fast on
missing config
- Bind local Postgres to 127.0.0.1 instead of 0.0.0.0
- Clarify DB compose comments: document host-bridge connectivity
via DATABASE_IP, remove ambiguous "Docker network" wording
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Internal services (Redis, RabbitMQ, NATS) don't need host port exposure — only the app containers talk to them via the Docker network. Removing host ports means multiple instances (branch previews, worktrees) never conflict on these ports. Django and Flower ports are now configurable via DJANGO_PORT and FLOWER_PORT env vars (default 5001 and 5550). Also use host-gateway (works on all platforms) instead of platform-specific Docker bridge IPs in DB compose docs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Setup instructions for single and multi-instance staging deployments, covering environment configuration, database options, migrations, sample data, and port management for running multiple instances on the same host. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Summary
- `docker-compose.staging.yml` to serve as the standard config for staging, demo, and branch preview environments: local Redis, RabbitMQ, NATS containers with an external database via `DATABASE_IP`
- `compose/staging/docker-compose.db.yml` as an optional convenience for running a local PostgreSQL container
- `ModuleNotFoundError: No module named 'pkg_resources'` on fresh Docker builds)

Staging compose changes
- `DATABASE_IP` in `.envs/.production/.compose`)
- `depends_on` (was commented out)
- `restart: always` to all services
- `.envs/.local/.postgres` to `.envs/.production/.postgres`
- `container_name` on NATS (allows multiple instances on same host / worktrees)
- `awscli` service (backups handled by TeamCity)
- `.envs/.production/.django`, not hardcoded in compose

Usage
Environments this supports
- `ami-db-primary`
- `fieldguide-db`
- `docker-compose.db.yml`

Relates to RolnickLab/ami-devops#1, RolnickLab/ami-admin#66
Closes #1180
Test plan
- `docker compose config`

🤖 Generated with Claude Code