Add Docker setup and CI pipeline for n8n and Temporal workflow automa… #4
…tion with documentation.
- Added GitHub Actions workflow with Dockerfile linting
- Created Dockerfiles for n8n and Temporal services
- Added docker-compose.yml for orchestration
- Updated .gitignore to exclude volumes
- Enhanced README with setup instructions
Walkthrough
This update introduces a multi-service Docker Compose environment integrating n8n, Temporal, PostgreSQL, and OpenSearch, with custom Dockerfiles for n8n and Temporal. The README is fully rewritten to provide comprehensive setup and usage instructions. The
Changes
Sequence Diagram(s)
sequenceDiagram
participant User
participant Docker Compose
participant n8n
participant Temporal
participant PostgreSQL
participant OpenSearch
participant Temporal UI
User->>Docker Compose: docker-compose up
Docker Compose->>n8n: Build and start (Dockerfile.n8n)
Docker Compose->>PostgreSQL: Start postgres service
Docker Compose->>OpenSearch: Start opensearch service
Docker Compose->>Temporal: Build and start (Dockerfile.temporal)
Docker Compose->>Temporal UI: Start temporal-ui service
n8n->>User: Expose port 5678 (web UI)
Temporal->>PostgreSQL: Connect for DB backend
Temporal->>OpenSearch: Connect for search
Temporal UI->>Temporal: Connect via gRPC (port 7233)
Temporal UI->>User: Expose port 8080 (UI access)
Pull Request Overview
This PR introduces a Docker setup and CI pipeline for running n8n and Temporal services in a coordinated environment. Key changes include:
- Adding a docker-compose configuration for n8n and Temporal (with supporting services such as PostgreSQL, Elasticsearch, and a Temporal UI)
- Enhancing the README with detailed instructions on building, starting, and troubleshooting the services
- Introducing GitHub Actions workflows for code quality checks and Dockerfile linting
Reviewed Changes
Copilot reviewed 4 out of 6 changed files in this pull request and generated no comments.
File | Description |
---|---|
docker-compose.yml | Added definitions for n8n, Temporal services, and custom local volumes |
README.md | Updated documentation with usage instructions and troubleshooting tips |
.github/workflows/code-quality.yml | Added/modified CI workflows for linting and SonarQube scanning |
Files not reviewed (2)
- Dockerfile.n8n: Language not supported
- Dockerfile.temporal: Language not supported
Actionable comments posted: 2
🧹 Nitpick comments (12)
.gitignore (1)
137-137: Refine the volume ignore pattern.
The current pattern `volumes` will ignore any file or directory named `volumes`
anywhere, which may unintentionally skip other resources. To be more precise, consider specifying it as a directory with a trailing slash:-volumes +volumes/README.md (2)
35-35: Shorten and strengthen the wording.
The current sentence is a bit verbose. A more concise phrasing could read:-If you've made changes to the Dockerfiles, you'll need to rebuild the images: +Rebuild Docker images after modifying the Dockerfiles:🧰 Tools
🪛 LanguageTool
[style] ~35-~35: Consider shortening or rephrasing this to strengthen your wording.
Context: ... ### Building custom images If you've made changes to the Dockerfiles, you'll need to rebuild...(MAKE_CHANGES)
64-65: Avoid bare URLs in Markdown.
Linters flag bare URLs; wrap them or use link text to improve readability:-- **n8n**: http://localhost:5678 +- **n8n**: <http://localhost:5678> -- **Temporal UI**: http://localhost:8080 +- **Temporal UI**: <http://localhost:8080>🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
64-64: Bare URL used
null(MD034, no-bare-urls)
65-65: Bare URL used
null(MD034, no-bare-urls)
.github/workflows/code-quality.yml (2)
17-19: Implement actual linting in the `lint` job.
The `lint` job currently only echoes `"Linting..."`. To enforce code quality, replace or extend this step with real linting commands (e.g., ESLint, Stylelint, etc.).
32-32: Remove trailing whitespace.
YAML linters report a trailing-space error on this line. Please delete any extraneous spaces at the end.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 32-32: trailing spaces
(trailing-spaces)
docker-compose.yml (7)
1-2: Specify a Compose file version.
While Compose v3+ supports version-less files, pinning a version (e.g., `'3.8'` or `'3.9'`) at the top improves clarity and ensures compatibility across environments. For example:
```yaml
version: '3.8'
services:
  ...
```
3-14: Add a healthcheck and unify environment syntax for the `n8n` service.
- Convert `environment` to mapping style for consistency:
```yaml
environment:
  WEBHOOK_URL: http://localhost:5678/
```
- Include a `healthcheck` to verify the service is ready before other containers interact with it:
```yaml
healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:5678/"]
  interval: 30s
  timeout: 10s
  retries: 3
```
17-36: Add a healthcheck for the `elasticsearch` service.
To ensure that Temporal connects only once Elasticsearch is fully initialized, include:
```yaml
healthcheck:
  test: ["CMD-SHELL", "curl -f http://localhost:9200/ || exit 1"]
  interval: 30s
  timeout: 10s
  retries: 5
```
37-50: Avoid hardcoding database credentials in `postgresql`.
For improved security and flexibility, move `POSTGRES_USER`, `POSTGRES_PASSWORD`, and `POSTGRES_DB` into an `.env` file or use `env_file:`. Example:
```yaml
services:
  postgresql:
    env_file: .env
```
```
# .env
POSTGRES_USER=temporal
POSTGRES_PASSWORD=temporal
POSTGRES_DB=temporal
```
51-63: Add a healthcheck and improve startup ordering for `temporal`.
`depends_on` does not wait for service readiness. Define a healthcheck and consider a wait-for-it script:
```yaml
temporal:
  ...
  healthcheck:
    test: ["CMD-SHELL", "curl -f http://localhost:7233/ || exit 1"]
    interval: 30s
    timeout: 10s
    retries: 5
```
64-75: Add a healthcheck and unify environment syntax for `temporal-ui`.
Convert `environment` to mapping style and include a healthcheck:
```yaml
temporal-ui:
  ...
  environment:
    TEMPORAL_ADDRESS: temporal:7233
    TEMPORAL_PERMIT_WRITE_API: "true"
  healthcheck:
    test: ["CMD-SHELL", "curl -f http://localhost:8080/health || exit 1"]
    interval: 30s
    timeout: 10s
    retries: 3
```
97-99: Remove trailing spaces and ensure a newline at EOF.
The `driver: bridge`
line has a trailing space, and the file should end with a newline. Apply:-networks: - app-network: - driver: bridge +networks: + app-network: + driver: bridge +🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 99-99: no new line character at the end of file
(new-line-at-end-of-file)
[error] 99-99: trailing spaces
(trailing-spaces)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (6)
- .github/workflows/code-quality.yml (1 hunks)
- .gitignore (1 hunks)
- Dockerfile.n8n (1 hunks)
- Dockerfile.temporal (1 hunks)
- README.md (1 hunks)
- docker-compose.yml (1 hunks)
🧰 Additional context used
🪛 GitHub Actions: Code Quality
Dockerfile.n8n
[warning] 1-1: Hadolint warning DL3007: Using 'latest' tag is prone to errors if the image updates. Pin the version explicitly to a release tag.
🔇 Additional comments (1)
Dockerfile.temporal (1)
1-1: Great use of an explicit versioned base image.
Pinning to `temporalio/auto-setup:1.20` ensures reproducible builds. The environment variables and healthcheck configuration look well‑structured.
Actionable comments posted: 1
🧹 Nitpick comments (1)
Dockerfile.n8n (1)
14-15: Consider dropping root privileges by specifying a non-root user.
For better security, explicitly add:
```dockerfile
USER node
```
after your setup steps (if the base image hasn’t already switched to `node`) to adhere to the principle of least privilege.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
- Dockerfile.n8n (1 hunks)
🔇 Additional comments (2)
Dockerfile.n8n (2)
1-2: Pinned base image version is correct.
Pinning to `n8nio/n8n:1.22.0` ensures reproducible builds and addresses the previous warning against using `latest`.
3-9: No action required for ENV and WORKDIR.
The environment variables (`N8N_PORT`, `NODE_ENV`) and the working directory are configured appropriately.
- Replace direct path mapping for n8n_data volume with named volume reference
- Replace direct path mapping for elasticsearch-data volume with named volume reference
- Replace direct path mapping for postgresql-data volume with named volume reference
Actionable comments posted: 2
🧹 Nitpick comments (6)
docker-compose.yml (6)
1-2: Add explicit Compose file version
Including a `version: '3.8'` (or another compatible schema version) at the top makes the file schema explicit and helps avoid compatibility issues across different Docker Compose releases.
3-14: Enhance n8n service resilience with restart policy and healthcheck
Currently the n8n container has no restart policy or health probe. Consider adding:
```yaml
restart: unless-stopped
healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:5678/healthz"]
  interval: 30s
  timeout: 10s
  retries: 3
```
This ensures the service will recover on failure and that dependent services can verify its readiness.
37-50: Refine PostgreSQL port exposure and credential management
Exposing Postgres on the host may be unnecessary in production. If it’s only used internally, consider removing `- "5432:5432"`. Also, moving sensitive values (user/password/db) into an `.env`
file improves security and flexibility:-postgresql: - environment: - POSTGRES_USER: temporal - POSTGRES_PASSWORD: temporal - POSTGRES_DB: temporal +postgresql: + environment: + POSTGRES_USER: ${POSTGRES_USER} + POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} + POSTGRES_DB: ${POSTGRES_DB}Then define those in
`.env`.
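Review bot: the three `+` lines use the bare form `${POSTGRES_PASSWORD}` (likewise `${POSTGRES_USER}` and `${POSTGRES_DB}`), which Compose replaces with an empty string when the variable is unset, so a missing `.env` produces only a warning. Use the required form, for example `POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}`, and add `.env` to `.gitignore` so the moved credentials are not committed.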
64-75: Add restart policy and healthcheck to Temporal UI
To improve reliability of the UI:
```yaml
temporal-ui:
  restart: unless-stopped
  healthcheck:
    # exec form runs curl directly, without a shell, so no "|| exit 1" is appended
    test: ["CMD", "curl", "-f", "http://localhost:8080/"]
    interval: 30s
    timeout: 10s
    retries: 3
```
This ensures the UI service recovers on failure and can be monitored.
77-96: Make host volume mounts more portable
Hard-coding `${PWD}` may not work on all platforms (e.g., Windows). Consider using a relative path or define a `VOLUME_DIR` in an `.env`
file:-volumes: - n8n_data: - driver_opts: - device: ${PWD}/volumes/n8n_data +volumes: + n8n_data: + driver_opts: + device: ${VOLUME_DIR}/n8n_dataThen in
`.env`: `VOLUME_DIR=./volumes`.
97-99: Remove trailing whitespace and add newline at end-of-file
YAMLlint flags a trailing space on line 99 (`driver: bridge`) and no final newline. Removing the extra space and ensuring a newline will satisfy common YAML linters.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 99-99: no new line character at the end of file
(new-line-at-end-of-file)
[error] 99-99: trailing spaces
(trailing-spaces)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
- docker-compose.yml (1 hunks)
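The PostgreSQL points raised in the review above (credentials taken from `.env`, no published port) combined with readiness-gated startup, as an added example that is not part of the PR or of any reviewer's comment. The image tag, the messages after `:?` and the trimmed service layout are assumptions; service, network and variable names follow the thread.

```yaml
# Added example (constructed). Not the PR's docker-compose.yml.
#
# --- Before: the pattern the review flags ---------------------------------
# services:
#   postgresql:
#     image: postgres:16              # assumed tag
#     environment:
#       POSTGRES_USER: temporal
#       POSTGRES_PASSWORD: temporal   # credential committed with the file
#       POSTGRES_DB: temporal
#     ports:
#       - "5432:5432"                 # database published on the host
#
# --- After -----------------------------------------------------------------
# Values live in an untracked .env file next to this one, for example:
#   POSTGRES_USER=temporal
#   POSTGRES_PASSWORD=<generated secret>
#   POSTGRES_DB=temporal

services:
  postgresql:
    image: postgres:16                # assumed tag, pinned rather than latest
    restart: unless-stopped
    environment:
      # ${VAR:?message} aborts `docker compose up` when VAR is unset or empty,
      # instead of silently substituting an empty string.
      POSTGRES_USER: ${POSTGRES_USER:?set POSTGRES_USER in .env}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD in .env}
      POSTGRES_DB: ${POSTGRES_DB:?set POSTGRES_DB in .env}
    # No "ports:" entry: 5432 is reachable only from containers attached to
    # app-network, not from the host or the host's network.
    healthcheck:
      # "$$" escapes Compose interpolation so the container's shell expands
      # the variables at check time.
      test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"]
      interval: 10s
      timeout: 5s
      retries: 5
      start_period: 20s
    volumes:
      - postgresql-data:/var/lib/postgresql/data
    networks:
      - app-network

  temporal:
    build:
      context: .
      dockerfile: Dockerfile.temporal
    restart: unless-stopped
    depends_on:
      postgresql:
        # Wait for the healthcheck above to pass, not merely for the
        # container to have been started.
        condition: service_healthy
    networks:
      - app-network

volumes:
  postgresql-data:

networks:
  app-network:
    driver: bridge
```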
- Enhanced Dockerfiles with explicit non-root users for n8n and Temporal
- Added health check endpoints and metrics configuration to n8n
- Improved healthcheck commands with proper shell form in Dockerfiles
- Added service dependencies with health conditions in docker-compose.yml
- Created check_services.sh script to verify all services accessibility
- Added PostgreSQL and Elasticsearch healthcheck configurations
- Updated README with service health checking documentation
- Added IPC_LOCK capability for Elasticsearch container
Actionable comments posted: 1
🧹 Nitpick comments (8)
Dockerfile.n8n (1)
16-17: Explicit non-root user.
Although explicitly setting `USER node` clarifies intent, the base image already defaults to `node`. You can remove it for brevity or leave it with a comment explaining the override.
README.md (3)
35-36: Rephrase for conciseness.
Consider tightening this line for clarity:- If you've made changes to the Dockerfiles, you'll need to rebuild the images: + After modifying the Dockerfiles, rebuild the images:🧰 Tools
🪛 LanguageTool
[style] ~35-~35: Consider shortening or rephrasing this to strengthen your wording.
Context: ... ### Building custom images If you've made changes to the Dockerfiles, you'll need to rebuild...(MAKE_CHANGES)
78-86: Specify code block language.
Add a language identifier to this fenced block for syntax highlighting. For example:- ``` + ```bash🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
78-78: Fenced code blocks should have a language specified
null(MD040, fenced-code-language)
94-95: Avoid bare URLs.
Wrap URLs in backticks or turn them into links to satisfy Markdown style:- - **n8n**: http://localhost:5678 + - **n8n**: [`http://localhost:5678`](http://localhost:5678)🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
94-94: Bare URL used
null(MD034, no-bare-urls)
95-95: Bare URL used
null(MD034, no-bare-urls)
scripts/check_services.sh (3)
1-4: Enable strict error handling.
Add `set -euo pipefail`
after the shebang to fail fast on errors and catch unset variables:+set -euo pipefail
12-23: Refine HTTP status check.
Treating 4xx codes as “accessible” may mask client errors (e.g., 404). If you only care about successful responses, adjust the threshold:- if [[ $response -ge 200 && $response -lt 500 ]]; then + if [[ $response -ge 200 && $response -lt 400 ]]; then
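Review bot: with the upper bound lowered to `-lt 400` on the `+` line, an endpoint that answers 401 or 403 because it requires authentication is reported as inaccessible even though the service is running. If any checked service is auth-protected, allow those two codes explicitly rather than going back to `-lt 500`, which would again accept 404.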
42-48: Avoid TTY allocation in scripts.
When running `docker compose exec` in non-interactive contexts, use `-T`
to disable pseudo-TTY and prevent potential hangs:- docker compose exec postgresql pg_isready -h localhost -p 5432 -U temporal >/dev/null 2>&1 + docker compose exec -T postgresql pg_isready -h localhost -p 5432 -U temporal >/dev/null 2>&1docker-compose.yml (1)
119-121: Trailing whitespace & EOF newline.
Please remove the trailing space on `driver: bridge` and ensure the file ends with a single newline character.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 121-121: no new line character at the end of file
(new-line-at-end-of-file)
[error] 121-121: trailing spaces
(trailing-spaces)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (5)
- Dockerfile.n8n (1 hunks)
- Dockerfile.temporal (1 hunks)
- README.md (1 hunks)
- docker-compose.yml (1 hunks)
- scripts/check_services.sh (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- Dockerfile.temporal
🔇 Additional comments (10)
Dockerfile.n8n (4)
1-1: Pinned base image version.
Pinning `n8nio/n8n:1.22.0` ensures build reproducibility and guards against unexpected upstream changes.
4-7: Custom environment variables.
The environment variables (`N8N_PORT`, `NODE_ENV`, `N8N_METRICS`, `N8N_HEALTH_CHECK_ENDPOINT`) align with n8n’s configuration flags. Nice work.
10-11: Working directory setup.
Setting `WORKDIR /home/node/.n8n` matches the base image’s expected directory for n8n’s data and workflows.
13-14: Healthcheck definition.
Using the shell form with `|| exit 1` is correct. Please verify that `curl`
is available in the base image; if it isn’t, you may need to install it:+RUN apt-get update \ + && apt-get install -y --no-install-recommends curl \ + && rm -rf /var/lib/apt/lists/*scripts/check_services.sh (1)
35-40: Verify `nc` availability.
The TCP check relies on `nc` (netcat). Ensure your environment or Docker image includes `nc`, or install it accordingly.
docker-compose.yml (5)
21-47: Elasticsearch service configuration.
The addition of `IPC_LOCK`, `ulimits.memlock`, and a healthcheck is well‑configured to ensure proper memory locking and service readiness.
48-68: PostgreSQL healthcheck and settings.
Using `pg_isready` with a start period is correct for signaling database readiness to dependent services.
69-84: Temporal service orchestration.
Building from `Dockerfile.temporal` and waiting on healthy Postgres and Elasticsearch is a solid setup.
85-98: Temporal UI startup.
Using `condition: service_started` is acceptable in the absence of a healthcheck on the Temporal container.
99-118: Named volumes binding.
Binding named volumes to host directories under `./volumes/` provides persistence while keeping data out of version control.
- Added new 'service-check' job in GitHub workflow
- Implemented steps to build and start docker services for testing
- Added verification step using scripts/check_services.sh
- Included cleanup to ensure services are stopped after testing
Actionable comments posted: 2
🧹 Nitpick comments (5)
.github/workflows/code-quality.yml (1)
32-32: Remove trailing whitespace
Line 32 contains trailing spaces which will trigger YAML lint errors. Please delete any extra spaces on this blank line.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 32-32: trailing spaces
(trailing-spaces)
docker-compose.yml (4)
66-76: Consider adding a healthcheck for the Temporal service
Without a `healthcheck`, you can only use `service_started` for dependencies. Adding one—e.g.:
```yaml
healthcheck:
  test: ["CMD-SHELL", "curl -sSf http://localhost:7233/health || exit 1"]
  interval: 30s
  timeout: 10s
  retries: 5
```
will allow you to leverage `service_healthy` and ensure Temporal is ready before consumers start.
82-90: Temporal UI dependency could leverage service_healthy
Since `temporal` lacks a healthcheck, `temporal-ui` uses `service_started`. If you add a healthcheck to `temporal`, you can switch this to `service_healthy` for stronger startup guarantees.
96-114: Improve portability of bind mounts
Using `${PWD}/volumes/...` for host paths can break on Windows or some CI environments. Consider relative paths (`./volumes/...`) or defining a variable in a `.env` file (e.g., `HOST_VOLUMES_PATH`) to avoid platform-specific issues.
118-118: Remove trailing space and add newline
There’s a trailing space after `bridge` on this line, and the file lacks a final newline. Removing the extra space and adding a newline will satisfy YAML parsers and linters.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 118-118: no new line character at the end of file
(new-line-at-end-of-file)
[error] 118-118: trailing spaces
(trailing-spaces)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
- .github/workflows/code-quality.yml (1 hunks)
- docker-compose.yml (1 hunks)
🧰 Additional context used
🪛 actionlint (1.7.4)
.github/workflows/code-quality.yml
51-51: the runner of "docker/setup-buildx-action@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
🔇 Additional comments (7)
.github/workflows/code-quality.yml (4)
15-16: Checkout step for lint job is fine
Using `actions/checkout@v4` is a good practice to pin the action.
24-29: SonarQube pipeline configuration looks good
Renaming the checkout and scan steps improves clarity, and setting `fetch-depth: 0` ensures SonarQube has full repository context.
33-43: Add hadolint job for Dockerfile linting
Great addition—linting both `Dockerfile.n8n` and `Dockerfile.temporal` with Hadolint will catch Dockerfile issues early.
44-61: Service-check job is well structured
This workflow builds services without cache, runs your health-check script, and ensures cleanup even on failure. It will improve reliability of your multi-service setup.
🧰 Tools
🪛 actionlint (1.7.4)
51-51: the runner of "docker/setup-buildx-action@v2" action is too old to run on GitHub Actions. update the action's version to fix this issue
(action)
docker-compose.yml (3)
9-15: Verify the WEBHOOK_URL environment variable
Inside the `n8n` container, `localhost` refers to itself, not the host network. If other services or external clients need to reach n8n, use the service hostname (e.g., `http://n8n:5678/`) or surface this as a configurable value.
18-43: Elasticsearch configuration looks solid
You’ve added memory locking (`IPC_LOCK`), disabled security for local dev, and provided a healthcheck. The named volume mapping ensures persistent data.
45-64: PostgreSQL service is properly configured
Environment variables, healthcheck using `pg_isready`, and a dedicated data volume are all in place—this will improve startup reliability.
- Changed Docker setup-buildx-action from v2 to v3
- Fixed step name from "Set up Docker Compose" to "Set up Docker Buildx"
Actionable comments posted: 0
♻️ Duplicate comments (1)
.github/workflows/code-quality.yml (1)
17-18: Implement actual linting commands
The `lint` job currently just echoes a placeholder. Please replace this with your project's real lint command(s) (e.g., `npm run lint`, `flake8 .`, etc.) to enforce code quality rather than printing a message.
🧹 Nitpick comments (3)
.github/workflows/code-quality.yml (3)
32-32: Remove trailing whitespace
YAML linting reports a trailing-space error on this line. Please remove the extra spaces at end‑of‑line to satisfy `yamllint`.
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 32-32: trailing spaces
(trailing-spaces)
39-42: Leverage the official Hadolint GitHub Action
Instead of invoking `hadolint` via `docker run`
, you can use the dedicated action for better performance and built‑in caching. For example:- - name: Lint Dockerfile.n8n - run: docker run --rm -i hadolint/hadolint < Dockerfile.n8n - - name: Lint Dockerfile.temporal - run: docker run --rm -i hadolint/hadolint < Dockerfile.temporal + - name: Lint Dockerfiles + uses: hadolint/hadolint-action@v2 + with: + dockerfiles: | + Dockerfile.n8n + Dockerfile.temporal
52-53: Cache Docker layers to speed up CI
Rebuilding every image with `--no-cache` can slow down your pipeline. Consider using Buildx’s cache export/import or GitHub Actions’ cache to persist build layers between runs.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
- .github/workflows/code-quality.yml (1 hunks)
🔇 Additional comments (2)
.github/workflows/code-quality.yml (2)
50-51: Excellent upgrade of Buildx setup
The step name accurately reflects its purpose, and bumping `docker/setup-buildx-action` to `@v3` ensures compatibility with current runners.
56-57: Ensure health checks include retries/timeouts
The `scripts/check_services.sh` step may run before services are fully ready, leading to flakiness. Please verify that the script implements retries or waits for health endpoints.
Would you like assistance crafting a robust health‑check wrapper with backoff and timeouts?
- Changed healthcheck in Dockerfile.n8n from shell form to exec form for better practice
- Changed healthcheck in Dockerfile.temporal from shell form to exec form for better practi
Add scripts/setup_volumes.sh for creating required volume directories
Modify service-check job in code-quality.yml to run the volume setup script before testing
Actionable comments posted: 0
♻️ Duplicate comments (1)
.github/workflows/code-quality.yml (1)
17-18: Implement real lint commands
The `Run linting` step is currently just a placeholder (`echo "Linting..."`). Please replace this with your actual project lint commands (e.g., `npm ci && npm run lint`, `flake8 .`, etc.) to enforce code quality in CI rather than skipping it.
🧹 Nitpick comments (4)
.github/workflows/code-quality.yml (4)
32-32: Remove trailing whitespace
There is trailing whitespace on this empty line, which can trigger YAML lint errors. Please delete the extra spaces.- # <-- remove spaces after this line
🧰 Tools
🪛 YAMLlint (1.35.1)
[error] 32-32: trailing spaces
(trailing-spaces)
33-43: Use the official Hadolint Action for faster Dockerfile linting
Instead of invoking Hadolint via `docker run`, consider using the `hadolint/hadolint-action`
GitHub Action. It’s faster, easier to configure, and supports caching.- - name: Lint Dockerfile.n8n - run: docker run --rm -i hadolint/hadolint < Dockerfile.n8n - - name: Lint Dockerfile.temporal - run: docker run --rm -i hadolint/hadolint < Dockerfile.temporal + - name: Lint Dockerfile.n8n + uses: hadolint/hadolint-action@v2 + with: + dockerfile: Dockerfile.n8n + + - name: Lint Dockerfile.temporal + uses: hadolint/hadolint-action@v2 + with: + dockerfile: Dockerfile.temporal
44-53: Add a timeout to the service-check job
Long-running compose up could hang if a service stalls. Consider adding `timeout-minutes`
at the job level to ensure CI fails gracefully if services don’t start in time.jobs: service-check: name: Service Availability Check + timeout-minutes: 10 runs-on: ubuntu-latest steps:
60-62: Ensure teardown always runs
Move the `if: always()` up to the top of the teardown step so that `docker compose down`
is guaranteed to execute, even if earlier steps fail.- - name: Stop services - run: docker compose down - if: always() + - name: Stop services + if: always() + run: docker compose down
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (2)
- .github/workflows/code-quality.yml (1 hunks)
- scripts/setup_volumes.sh (1 hunks)
✅ Files skipped from review due to trivial changes (1)
- scripts/setup_volumes.sh
- Add 10-minute timeout for service-check job
- Ensure service cleanup runs even if previous steps fail with "if: always()"
- Add "-v" flag to docker compose down to remove volumes after tests
- Fix whitespace in SonarQube job
Pull Request Overview
This PR adds a Docker setup and CI pipeline to orchestrate n8n and Temporal services for seamless deployment and automated quality checks.
- Introduces a complete Docker Compose configuration with custom Dockerfiles for n8n and Temporal services.
- Adds GitHub Actions workflows for linting (including Dockerfiles), SonarQube scanning, and service availability verification.
- Updates the README with detailed setup instructions and troubleshooting steps.
Reviewed Changes
Copilot reviewed 4 out of 8 changed files in this pull request and generated no comments.
File | Description |
---|---|
docker-compose.yml | New multi-service compose file for n8n, Temporal, PostgreSQL, Elasticsearch, etc. |
README.md | Updated documentation reflecting new setup information and service details. |
.github/workflows/code-quality.yml | Added and enhanced CI/CD jobs for linting, Dockerfile checks, and service validation. |
Files not reviewed (4)
- Dockerfile.n8n: Language not supported
- Dockerfile.temporal: Language not supported
- scripts/check_services.sh: Language not supported
- scripts/setup_volumes.sh: Language not supported
Comments suppressed due to low confidence (2)
docker-compose.yml:3
- [nitpick] Consider explicitly setting a container_name for the n8n service so that it aligns with the container name referenced in the README and simplifies container log access.
n8n:
README.md:142
- [nitpick] The container name 'automatization-n8n-1' does not appear to be explicitly defined in the Docker Compose file; consider updating the README to match the actual container name or set it explicitly in the compose configuration.
docker logs automatization-n8n-1
…onment variables
- Update n8n from 1.22.0 to 1.89.2 and change working directory
- Update Temporal from 1.20 to 1.20.5 and configure with environment variables
- Replace Elasticsearch with OpenSearch for Temporal visibility
- Add environment variables for n8n and database configurations
- Improve container restart policies with unless-stopped
- Update documentation with volume setup instructions and troubleshooting
- Add .gitignore entries for mcp executable, config files and .cursor
- Fix volume paths and opensearch port mapping
Actionable comments posted: 1
♻️ Duplicate comments (1)
docker-compose.yml (1)
11-12: 🛠️ Refactor suggestion
Require N8N_ENCRYPTION_KEY
Ensure the `N8N_ENCRYPTION_KEY`
is provided by making it a required environment variable:services: n8n: environment: - - N8N_ENCRYPTION_KEY=$N8N_ENCRYPTION_KEY + - N8N_ENCRYPTION_KEY=${N8N_ENCRYPTION_KEY:?N8N_ENCRYPTION_KEY environment variable is required}
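Review bot: the `:?` form on the `+` line only enforces that `N8N_ENCRYPTION_KEY` is set and non-empty; the key is still injected through `environment:`, where it is readable with `docker inspect` and by anything that can read the container's environment. Consider supplying it from a mounted secret file through n8n's `_FILE` environment-variable suffix instead, and keep the `:?` guard on whichever variable remains.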
🧹 Nitpick comments (4)
README.md (3)
44-46: Refine section title
Consider rewording "### Building custom images" to "### Rebuilding images" to make it more concise.
🧰 Tools
🪛 LanguageTool
[style] ~46-~46: Consider shortening or rephrasing this to strengthen your wording.
Context: ... ### Building custom images If you've made changes to the Dockerfiles, you'll need to rebuild...(MAKE_CHANGES)
88-89
: Specify code block language
Add a language identifier to the fenced code block for syntax highlighting (e.g., ```bash).🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
89-89: Fenced code blocks should have a language specified
null(MD040, fenced-code-language)
105-106
: Avoid bare URLs
Use Markdown link syntax for service URLs to improve readability:-- n8n: http://localhost:5678 -- Temporal UI: http://localhost:8080 +- n8n: [http://localhost:5678](http://localhost:5678) +- Temporal UI: [http://localhost:8080](http://localhost:8080)🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
105-105: Bare URL used
null(MD034, no-bare-urls)
106-106: Bare URL used
null(MD034, no-bare-urls)
docker-compose.yml (1)
107-110
: Driver opts for local volumes
Binding host directories under${PWD}
works but can be fragile across different OS environments. Consider using a relative path or Compose project variables for greater portability.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
.gitignore (2 hunks)
Dockerfile.n8n (1 hunks)
Dockerfile.temporal (1 hunks)
README.md (1 hunks)
docker-compose.yml (1 hunks)
scripts/check_services.sh (1 hunks)
scripts/setup_volumes.sh (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (4)
- .gitignore
- scripts/setup_volumes.sh
- Dockerfile.temporal
- scripts/check_services.sh
🔇 Additional comments (9)
Dockerfile.n8n (5)
1-2: Pinned base image to specific version
Good job pinning to 1.89.2 instead of latest. This ensures reproducible builds.
4-7: Consolidated ENV declarations
The custom environment variables are well-organized and clearly documented.
10-11: WORKDIR consistency
Setting WORKDIR /home/node matches the non-root node context of the base image. Confirm that this path exists and has the correct permissions.
12-15: Verify curl availability for HEALTHCHECK
The healthcheck uses curl, but it’s not guaranteed that the base image includes it. Please confirm that curl is present or install it explicitly to avoid unexpected failures.
16-17: Non-root user context
Explicitly setting USER node is good for security and matches the base image context.
docker-compose.yml (4)
31-32: Port mapping vs. documentation mismatch
Opensearch is mapped to host port 9201:9200, but the README refers to port 9200. Confirm which port users should access and update the compose file or documentation accordingly.
76-80: depends_on with health check conditions
Using service_healthy for postgresql and opensearch is excellent to avoid race conditions.
93-95: temporal-ui health dependency
The temporal-ui service correctly waits for temporal to be healthy before starting.
124-127: Network declaration
The custom bridge network app-network is defined and used by all services, ensuring proper isolation.
…lthchecks
- Added .env.example file with configuration variables
- Enhanced Dockerfiles with ARG variables for better customization
- Updated healthchecks with improved parameters and container naming
- Fixed OpenSearch port mapping to match documentation
- Added missing healthcheck for temporal-ui service
- Improved volume permissions in setup_volumes.sh script
- Fixed README path reference to check_services.sh
Actionable comments posted: 1
🧹 Nitpick comments (5)
Dockerfile.temporal (2)
4-11: Avoid baking default credentials for production
Using default temporal/temporal credentials is convenient for development but poses security risks in production. Consider removing defaults or documenting a secure override mechanism (e.g., via CI secrets or .env files).
33-33: Add trailing newline
A newline at the end of the file improves POSIX compliance and avoids lint warnings.
README.md (3)
46-46: Shorten the rebuild instruction
The phrase is verbose. Consider: **Rebuild images after updating Dockerfiles:**
🧰 Tools
🪛 LanguageTool
[style] ~46-~46: Consider shortening or rephrasing this to strengthen your wording.
Context: ... ### Building custom images If you've made changes to the Dockerfiles, you'll need to rebuild... (MAKE_CHANGES)
89-89: Specify language for the code block
Add a language identifier (e.g., ```bash) to the fenced block for proper syntax highlighting.
🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
89-89: Fenced code blocks should have a language specified (MD040, fenced-code-language)
105-106: Convert bare URLs to markdown links
Wrap service URLs to improve readability and link rendering:
- **n8n**: [http://localhost:5678](http://localhost:5678)
- **Temporal UI**: [http://localhost:8080](http://localhost:8080)
🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
105-105: Bare URL used (MD034, no-bare-urls)
106-106: Bare URL used (MD034, no-bare-urls)
📜 Review details
📒 Files selected for processing (6)
.env.example (1 hunks)
Dockerfile.n8n (1 hunks)
Dockerfile.temporal (1 hunks)
README.md (1 hunks)
docker-compose.yml (1 hunks)
scripts/setup_volumes.sh (1 hunks)
✅ Files skipped from review due to trivial changes (1)
- .env.example
🚧 Files skipped from review as they are similar to previous changes (3)
- scripts/setup_volumes.sh
- Dockerfile.n8n
- docker-compose.yml
🔇 Additional comments (4)
Dockerfile.temporal (4)
1-1: Pinning base image version is good
The Temporal auto-setup image is pinned to 1.20.5, ensuring reproducible builds.
9-10: Verify OpenSearch version compatibility
The default ES_VERSION=v7 might not align with the actual OpenSearch version defined in docker-compose.yml (e.g., OpenSearch 2.x). Please confirm and update this default to match your Compose service.
23-24: Healthcheck configuration follows best practices
The exec-form health check ensures Temporal reports SERVING before marking the container healthy.
27-30: Non-root user and port exposure are correctly set
Switching to the temporal user and exposing port 7233 aligns with security and service requirements.
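A preflight check covering two points raised in the reviews above, the required N8N_ENCRYPTION_KEY and the default temporal/temporal credentials, as an added example that is not part of the PR or the project's scripts. The POSTGRES_PASSWORD variable name, the 32-character minimum and the placeholder patterns are assumptions, and the sample .env content is constructed.

```shell
#!/bin/sh
# Preflight check for the Compose .env file (added example, not project code).
# Assumptions: POSTGRES_PASSWORD as the DB password variable, a 32-character
# minimum for the key, and the placeholder patterns below.

# Print the last KEY=VALUE assignment for $2 in file $1 without sourcing the
# file, so nothing in .env is executed. Surrounding quotes are stripped.
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Return 0 when the file passes every check, 1 otherwise (findings on stderr).
check_env_file() {
    rc=0
    key=$(env_value "$1" N8N_ENCRYPTION_KEY)
    pass=$(env_value "$1" POSTGRES_PASSWORD)
    lower=$(printf '%s' "$key" | tr 'A-Z' 'a-z')
    if [ -z "$key" ]; then
        echo "FAIL: N8N_ENCRYPTION_KEY is unset or empty" >&2; rc=1
    elif [ "${#key}" -lt 32 ]; then
        echo "FAIL: N8N_ENCRYPTION_KEY is shorter than 32 characters" >&2; rc=1
    fi
    case $lower in
        *changeme*|*change_me*|*change-me*|*example*|*placeholder*)
            echo "FAIL: N8N_ENCRYPTION_KEY looks like a placeholder" >&2; rc=1 ;;
    esac
    # The review flags temporal/temporal as development-only defaults.
    if [ -z "$pass" ] || [ "$pass" = "temporal" ]; then
        echo "FAIL: POSTGRES_PASSWORD is empty or the default 'temporal'" >&2; rc=1
    fi
    return $rc
}

# Constructed sample: what a .env copied from a template might look like.
sample=$(mktemp)
printf '%s\n' 'N8N_ENCRYPTION_KEY=changeme' 'POSTGRES_PASSWORD=temporal' > "$sample"
check_env_file "$sample" || echo "refusing to start until $sample is fixed"
rm -f "$sample"
```

Running it as a CI step or before docker-compose up catches a template value that the ${VAR:?} interpolation check would accept.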
…file
- Modified dockerfiles to reduce hardcoded values and use environment variables
- Updated docker-compose.yml to source ports and credentials from environment file
- Enhanced check_services.sh to read from .env instead of using hardcoded values
- Improved README.md with instructions for environment file setup
- Fixed container health checks to use the correct service addresses
Actionable comments posted: 1
🧹 Nitpick comments (5)
Dockerfile.n8n (2)
4-4: Remove unused build argument
The ARG NODE_ENV=production declaration isn’t referenced elsewhere in this Dockerfile. Consider removing it or converting it to an ENV if the application requires it at runtime.
11-13: Use a more reliable health check
Relying on wget may fail if the binary isn’t present, and 0.0.0.0 isn’t routable from inside the container. You can simplify with curl -f and target localhost.
- HEALTHCHECK --interval=30s --timeout=10s --retries=3 --start-period=30s \ - CMD ["/bin/sh", "-c", "wget -q --spider http://0.0.0.0:${N8N_PORT}/healthz || exit 1"] + HEALTHCHECK --interval=30s --timeout=10s --retries=3 --start-period=30s \ + CMD-SHELL curl -f http://localhost:${N8N_PORT}/healthz || exit 1
README.md (3)
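Review bot: CMD-SHELL on the added line of the Dockerfile.n8n health check suggestion (11-13) is the Compose healthcheck test keyword, not a Dockerfile form, so the replacement will not build as written; the Dockerfile shell form is HEALTHCHECK ... CMD curl -f http://localhost:${N8N_PORT}/healthz || exit 1. The stated reason for dropping wget, that the binary may be absent, applies equally to curl, so whichever tool is kept should be confirmed present in the base image or installed explicitly. Because ${N8N_PORT} is expanded by the container's shell at run time, it has to exist in the container environment (ENV); a build-time ARG alone is not visible to the check.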
55-55
: Rephrase for conciseness
The sentence “If you’ve made changes to the Dockerfiles, you’ll need to rebuild the images:” can be tightened to “Rebuild images after modifying the Dockerfiles:” for stronger, more direct wording.🧰 Tools
🪛 LanguageTool
[style] ~55-~55: Consider shortening or rephrasing this to strengthen your wording.
Context: ... ### Building custom images If you've made changes to the Dockerfiles, you'll need to rebuild...(MAKE_CHANGES)
98-98
: Specify language for example output block
The example‑output snippet is fenced without a language hint. To satisfy lint rules and improve readability, add a language identifier (e.g.,text
orconsole
) after the opening backticks:- ``` + ```text Checking service availability… Checking n8n at http://localhost:5678/healthz… ACCESSIBLE ✅ (HTTP 200) …🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
98-98: Fenced code blocks should have a language specified
null(MD040, fenced-code-language)
114-115
: Format bare URLs
Bare URLs can trigger lint warnings. Wrap them in backticks or angle brackets, e.g.:- **n8n**: `<http://localhost:5678>` - **Temporal UI**: `<http://localhost:8080>`🧰 Tools
🪛 markdownlint-cli2 (0.17.2)
114-114: Bare URL used
null(MD034, no-bare-urls)
115-115: Bare URL used
null(MD034, no-bare-urls)
📜 Review details
📒 Files selected for processing (5)
Dockerfile.n8n (1 hunks)
Dockerfile.temporal (1 hunks)
README.md (1 hunks)
docker-compose.yml (1 hunks)
scripts/check_services.sh (1 hunks)
🚧 Files skipped from review as they are similar to previous changes (3)
- Dockerfile.temporal
- docker-compose.yml
- scripts/check_services.sh
🔇 Additional comments (1)
Dockerfile.n8n (1)
1-1: Base image pinned correctly
Good job pinning to n8nio/n8n:1.89.2 instead of using latest, which ensures reproducible builds.
- Add step to copy .env.example to .env in code-quality workflow - Ensure environment configuration is available for Docker build process
- Add ARG N8N_PORT=5678 to properly define the port used in healthcheck and EXPOSE
- Simplify Docker rebuild instructions for better readability - Fix code block formatting by specifying text language - Format service URLs as proper markdown links with angle brackets
Comment:
The errors are non-critical and don't affect the service's operation
The errors occur because Temporal's auto-setup process tries to create databases and namespaces that already exist
During Temporal service startup, the following errors are observed in the PostgreSQL logs:
- Database creation error:
2025-04-22 06:20:59.571 UTC [32] ERROR: database "temporal_visibility" already exists
2025-04-22 06:20:59.571 UTC [32] STATEMENT: CREATE DATABASE temporal_visibility
- Namespace creation error:
2025-04-22 06:20:59.706 UTC [41] ERROR: duplicate key value violates unique constraint "namespaces_pkey"
2025-04-22 06:20:59.706 UTC [41] DETAIL: Key (partition_id, id)=(54321, \x32049b68787240948e63d0dd59896a83) already exists.
2025-04-22 06:20:59.706 UTC [41] STATEMENT: INSERT INTO
namespaces (partition_id, id, name, is_global, data, data_encoding, notification_version)
VALUES($1, $2, $3, $4, $5, $6, $7)
Summary by CodeRabbit
New Features
Documentation
Chores