Fix/docker network

.env-jenkins-docker

@@ -1,14 +1,15 @@
 POSTGRES_USER=postgres
 POSTGRES_PASSWORD=postgres
-POSTGRES_HOST=localhost
+POSTGRES_HOST=protectedplanet-db
 POSTGRES_DBNAME=pp_development
 POSTGRES_MULTIPLE_EXTENSIONS=postgis,hstore,postgis_topology
-REDIS_URL=redis://localhost:6379/0
-ELASTIC_SEARCH_URL=http://elastic:elastic@localhost:9200
-WEBPACKER_DEV_SERVER_HOST=localhost
+REDIS_URL=redis://protectedplanet-redis:6379/0
+ELASTIC_SEARCH_URL=http://elastic:elastic@protectedplanet-elasticsearch:9200
+WEBPACKER_DEV_SERVER_HOST=protectedplanet-webpacker
 xpack.security.enabled=false
 discovery.type=single-node
 RAILS_ENV=development
 NODE_ENV=development
 PP_HOST=localhost:3000
-
+API_PATH=.
+SSH_AUTH_SOCK=/ssh-agent

Jenkinsfile

@@ -134,7 +134,7 @@ pipeline {
 def buildProject() {
     sh 'echo "Building Project.............."'
     sh "cp .env-jenkins-docker .env"
-    sh "docker-compose -f ${COMPOSE_FILE} --project-name=${JOB_NAME} build"
+    sh "docker-compose -f ${COMPOSE_FILE} --project-name=${JOB_NAME} build web db redis sidekiq elasticsearch kibana webpacker"
 }
 
 def prepare() {

docker-compose.yml

@@ -9,10 +9,14 @@ services:
       - protectedplanet_node_modules:/ProtectedPlanet/node_modules
       - protectedplanet_import_data:/import_data
       - protectedplanet_bundler:/usr/local/bundle
-      - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}
-    network_mode: host
+      # - /run/host-services/ssh-auth.sock:/ssh-agent # Use this setting for Mac OS X and comment out ${SSH_AUTH_SOCK}:/ssh-agent below
+      - ${SSH_AUTH_SOCK}:/ssh-agent
+    ports:
+      - "3000:3000"
+    networks:
+      - protectedplanet
     environment:
-      - SSH_AUTH_SOCK=${SSH_AUTH_SOCK}
+      - SSH_AUTH_SOCK=/ssh-agent
     env_file:
       - '.env'
     depends_on:
@@ -25,7 +29,10 @@ services:
   db:
     container_name: protectedplanet-db
     image: kartoza/postgis:11.5-2.5
-    network_mode: host
+    ports:
+      - "5432:5432"
+    networks:
+      - protectedplanet
     env_file:
       - '.env'
     volumes:
@@ -34,7 +41,10 @@ services:
   redis:
     container_name: protectedplanet-redis
     image: redis
-    network_mode: host
+    ports:
+      - "6379:6379"
+    networks:
+      - protectedplanet
     env_file:
       - '.env'
     volumes:
@@ -45,7 +55,8 @@ services:
       - .:/ProtectedPlanet
       - protectedplanet_node_modules:/ProtectedPlanet/node_modules
       - protectedplanet_import_data:/import_data
-    network_mode: host
+    networks:
+      - protectedplanet
     depends_on:
       - db
       - redis
@@ -65,18 +76,24 @@ services:
       memlock:
         soft: -1
         hard: -1
-    network_mode: host
+    ports:
+      - "9200:9200"
+    networks:
+      - protectedplanet
     env_file:
       - '.env'
     volumes:
       - 'protectedplanet_es_data:/usr/share/elasticsearch/data'
   kibana:
     image: docker.elastic.co/kibana/kibana:8.6.0
     environment:
-      - ELASTICSEARCH_HOSTS=http://localhost:9200
+      - ELASTICSEARCH_HOSTS=http://protectedplanet-elasticsearch:9200
     env_file:
       - '.env'
-    network_mode: host
+    ports:
+      - "5601:5601"
+    networks:
+      - protectedplanet
 
   webpacker:
     container_name: protectedplanet-webpacker
@@ -88,19 +105,26 @@ services:
       - .:/ProtectedPlanet
       - protectedplanet_node_modules:/ProtectedPlanet/node_modules
       - protectedplanet_bundler:/usr/local/bundle
-    network_mode: host
+    ports:
+      - "3035:3035"
+    networks:
+      - protectedplanet
 
   api:
     container_name: protectedplanet-api
     build:
       context: ${API_PATH}
-    command: /bin/bash -l -c "bundle exec rackup"
+    command: /bin/bash -l -c "bundle exec rackup --host 0.0.0.0"
     volumes:
       - ${API_PATH}:/ProtectedPlanetApi
-      - ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}
-    network_mode: host
+      # - /run/host-services/ssh-auth.sock:/ssh-agent # Use this setting for Mac OS X and comment out ${SSH_AUTH_SOCK}:/ssh-agent below
+      - ${SSH_AUTH_SOCK}:/ssh-agent
+    ports:
+      - "9292:9292"
+    networks:
+      - protectedplanet
     environment:
-      - SSH_AUTH_SOCK=${SSH_AUTH_SOCK}
+      - SSH_AUTH_SOCK=/ssh-agent
     env_file:
       - ${API_PATH}/.env
     depends_on:
@@ -109,6 +133,9 @@ services:
     tty: true
     profiles: ['api']
 
+networks:
+  protectedplanet:
+    driver: bridge
 
 volumes:
   protectedplanet_pg_data:

docs/docker.md

@@ -82,7 +82,13 @@ docker exec -it protectedplanet-web rake search:reindex
 ## Step 5: API setup (optional)
 The [Protected Planet API](https://github.com/unepwcmc/protectedplanet-api) is a separate Sinatra/Grape application that uses the same database and is included as a service in the docker-compose.yml.
 
-To use this service, you need to add the path to your local protectedplanet-api directory in your .env file under the `API_PATH` key.
+To use this service, you need to:
+- add the path to your local protectedplanet-api directory in your .env file under the `API_PATH` key.
+- set the environment variables in the pp-api .env to match the PP docker configuration, e.g:
+```
+POSTGRES_HOST=protectedplanet-db
+POSTGRES_PASSWORD=postgres
+```
 
 The api service has an 'api' profile and so does not start automatically with `docker compose up`. You can either run it alongside all of the standard ProtectedPlanet services with:
 ```
@@ -113,6 +119,8 @@ sudo docker exec -it protectedplanet-api cap staging deploy
 ### Troubleshooting:
 - `SSH_AUTH_SOCK` not found: make sure `echo ${SSH_AUTH_SOCK}` returns a path to your ssh agent
 
+- For Mac OS X Please make sure you use `/run/host-services/ssh-auth.sock:/ssh-agent` for ssh agent path in docker-compose.yml file
+
 - if yarn integrity problems appear: temporary fix `docker run web yarn install`
 
 - if CMS seeds downloading fails, remove `db/cms_seeds` and retry