recipe-maintainers/plausible
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(clickhouse): require backup tool — abort if fetch fails after retries
Some checks failed
cc-ci/testme cc-ci: failure
Details

Browse Source 
Make the clickhouse-backup install REQUIRED: if it cannot be fetched
after all retries the entrypoint aborts (non-zero exit, set -e) and
clickhouse-server is not started, so the deploy fails loudly rather than
coming up without backup/restore capability.
This commit is contained in:
notplants
2026-06-09 15:10:07 +00:00
parent 71234e23e0
commit 2ab49fab62
1 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
entrypoint.clickhouse.sh
View File

@ -10,10 +10,12 @@
# Hardening (no behaviour change when the download succeeds first try): # Hardening (no behaviour change when the download succeeds first try):
# - cache the binary on the PERSISTENT clickhouse data volume (/var/lib/clickhouse) so it is fetched # - cache the binary on the PERSISTENT clickhouse data volume (/var/lib/clickhouse) so it is fetched
# at most once and reused on every container restart (no re-download amplification); # at most once and reused on every container restart (no re-download amplification);
# - retry with backoff; # - retry with backoff to ride out transient GitHub failures;
# - NEVER let a download failure block the server start (best-effort: the server comes up, backup/
# restore degrade until the next successful fetch);
# - un-silenced so a failure is diagnosable in `docker service logs`. # - un-silenced so a failure is diagnosable in `docker service logs`.
#
# Policy: clickhouse-backup is REQUIRED. If it cannot be installed after all retries the entrypoint
# aborts (non-zero exit) and the server is NOT started — we deliberately fail the deploy loudly rather
# than come up silently without backup/restore capability.
set -e set -e
@ -54,11 +56,12 @@ install_clickhouse_backup() {
echo "clickhouse-backup: fetch attempt ${attempt} failed; backing off $((attempt * 10))s" >&2 echo "clickhouse-backup: fetch attempt ${attempt} failed; backing off $((attempt * 10))s" >&2
sleep $((attempt * 10)) sleep $((attempt * 10))
done done
echo "clickhouse-backup: fetch FAILED after retries — starting clickhouse-server WITHOUT the backup tool (backup/restore unavailable until a later restart fetches it)" >&2 echo "clickhouse-backup: fetch FAILED after all retries — aborting; clickhouse-server will NOT start (backup tool is required)" >&2
return 1 return 1
} }
# Best-effort: the server MUST start even if the backup-tool fetch fails (it is not a server dependency). # Required: if the backup tool cannot be installed after retries, abort (set -e) so the deploy fails
install_clickhouse_backup || true # loudly instead of coming up without backup/restore capability.
install_clickhouse_backup
exec /entrypoint.sh exec /entrypoint.sh