Re: [PR] fix(docker-compose-light): revert/light-compose and fix init scripts (examples & cy… [superset]

Sat, 07 Mar 2026 13:19:02 -0800 


Copilot commented on code in PR #38492:
URL: https://github.com/apache/superset/pull/38492#discussion_r2900570193


##########
docker-compose-light.yml:
##########
@@ -87,6 +87,8 @@ services:
         required: false
     image: postgres:17
     restart: unless-stopped
+    ports:
+      - "${DATABASE_PORT:-5432}:5432"  # Parameterized port, accessible on all 
interfaces

Review Comment:
   Publishing the DB port using `${DATABASE_PORT}` is potentially misleading 
here because `DATABASE_PORT` is also used by Superset to build its in-network 
SQLAlchemy URI (where `db-light` is still reachable on container port 5432 
regardless of the published host port). If someone changes `DATABASE_PORT` to 
avoid a host port collision, Superset will likely try connecting to 
`db-light:${DATABASE_PORT}` and fail. Consider using a separate variable for 
the published host port (or hardcoding `:5432` for container-to-container 
traffic and only parameterizing the host side).
   ```suggestion
         - "${HOST_DATABASE_PORT:-5432}:5432"  # Host-published port; container 
always listens on 5432
   ```



##########
docker-compose-light.yml:
##########
@@ -87,6 +87,8 @@ services:
         required: false
     image: postgres:17
     restart: unless-stopped
+    ports:
+      - "${DATABASE_PORT:-5432}:5432"  # Parameterized port, accessible on all 
interfaces

Review Comment:
   `db-light` now publishes Postgres on all interfaces (no `127.0.0.1` bind). 
This is inconsistent with `docker-compose.yml` (which binds 
`127.0.0.1:${DATABASE_PORT:-5432}:5432`) and can unintentionally expose the 
database when running on a shared/remote host. Consider binding to localhost 
(or making the bind address configurable) to keep the default safer.
   ```suggestion
         - "${DATABASE_BIND_ADDRESS:-127.0.0.1}:${DATABASE_PORT:-5432}:5432"  # 
Bind Postgres to localhost by default
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to