fix(ci): cd.yaml B5 integration test 修 docker network 隔離 (run 984/985 root cause)

連續 2 次 CD fail (run 984 + 985) 真因: - act runner 把 ci-runner container 跑在獨立 user-defined network - cd.yaml line 159-167 docker run pg-test-b5 沒 --network → 預設 host bridge - ci-runner 看不到 host bridge IP 172.17.0.2:5432 → timeout - host SSH 直連 PG 健康 (確認 PG 沒問題,純網路隔離) 修復: + 動態抓 act task network: docker network ls | grep '^GITEA-ACTIONS-TASK-[0-9]+_WORKFLOW-.*-network$' + pg-test-b5 加入該 network: --network=$ACT_NET (找不到時 fallback bridge) + 連線改 container name 'pg-test-b5' (不依賴 IP) 驗證: 本 commit push 後 CI 自己跑就是 E2E 驗證 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-19 13:19:04 +08:00
parent 7e4d83e66e
commit b636d3b30b
1 changed files with 13 additions and 9 deletions
--- a/.gitea/workflows/cd.yaml
+++ b/.gitea/workflows/cd.yaml
@@ -147,6 +147,10 @@ jobs:
      # B5: Gitea act runner 的 services: 實作與 GitHub Actions 不同
      # service container 啟動後需直連，但 act 的 container name 可能為空
      # 2026-04-10 ogt: 改用 docker run 本地啟動取代 services: 宣告
+      # 2026-04-19 ogt + Claude Opus 4.7: cd 連續 2 次 fail (run 984/985)
+      #   真因: act runner 把 ci-runner 跑在獨立 user-defined network,
+      #         pg-test-b5 預設用 host bridge → 兩邊隔離無法連 (172.17.0.2 timeout)
+      #   修法: 把 pg-test-b5 加入 act task 的 network,用 container name 連線
      - name: Integration Tests (B5 — 真實 DB)
        run: |
          cd apps/api
@@ -154,29 +158,29 @@ jobs:
          if ! command -v psql &>/dev/null; then
            apt-get install -y -q postgresql-client
          fi
-          # 啟動測試 DB — 用 container IP 直連，避免 DinD port mapping 問題
-          # 2026-04-10 Claude Sonnet 4.6: -p 15433:5432 在 act runner 內 localhost 不通
+          # 找 act runner 為本 task 創的 network (Gitea act 命名: GITEA-ACTIONS-TASK-XXX_*-network)
+          ACT_NET=$(docker network ls --format '{{.Name}}' | grep -E '^GITEA-ACTIONS-TASK-[0-9]+_WORKFLOW-.*-network$' | head -1)
+          echo "Detected act task network: ${ACT_NET:-<none, will fall back to bridge>}"
+          # 啟動測試 DB — 加入 act network,後續用 container name 'pg-test-b5' 連線
          docker rm -f pg-test-b5 2>/dev/null || true
          docker run -d --name pg-test-b5 \
+            ${ACT_NET:+--network=$ACT_NET} \
            -e POSTGRES_DB=awoooi_test \
            -e POSTGRES_USER=awoooi \
            -e POSTGRES_PASSWORD=awoooi_test_2026 \
            pgvector/pgvector:pg16
-          # 取得 container IP
-          PG_IP=$(docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pg-test-b5)
-          echo "PG container IP: $PG_IP"
-          # 等待就緒（用 container IP，最多 60 秒）
+          # 等待就緒（用 container name,最多 60 秒）
          for i in $(seq 1 30); do
-            PGPASSWORD=awoooi_test_2026 pg_isready -h "$PG_IP" -p 5432 -U awoooi && break || sleep 2
+            PGPASSWORD=awoooi_test_2026 pg_isready -h pg-test-b5 -p 5432 -U awoooi && break || sleep 2
          done
          # 初始化 schema
          PGPASSWORD=awoooi_test_2026 psql \
-            -h "$PG_IP" -p 5432 -U awoooi -d awoooi_test \
+            -h pg-test-b5 -p 5432 -U awoooi -d awoooi_test \
            -f tests/integration/setup_test_schema.sql
          # 跑測試
          # B5 整合測試嚴格模式 (2026-04-13 ogt: 恢復 Break-Glass 移除)
          # -m integration: override pyproject.toml addopts "-m 'not integration'"，讓標記測試可執行
-          TEST_DATABASE_URL="postgresql+asyncpg://awoooi:awoooi_test_2026@${PG_IP}:5432/awoooi_test?ssl=disable" \
+          TEST_DATABASE_URL="postgresql+asyncpg://awoooi:awoooi_test_2026@pg-test-b5:5432/awoooi_test?ssl=disable" \
            /opt/api-venv/bin/pytest tests/integration/test_b5_core_flows.py -v --tb=short -m integration
          # 清理
          docker rm -f pg-test-b5 || true