Connect to MongoDB Atlas

Our build need to talk to a MongoDB Atlas instance for the integration tests. However, due to MongoDB Atlas Network Security setting (whitelist based), we have the following error:

pymongo.errors.ServerSelectionTimeoutError: xxx-shard-00-00-albzh.mongodb.net:27017: timed out,xxx-shard-00-02-albzh.mongodb.net:27017: timed out,xxx-shard-00-01-albzh.mongodb.net:27017: timed out

Is there any way to set CircleCI to connect to MongoDB Atlas?

Cheers,

Hi there,

Assuming that you need to whitelist sources on the CircleCI side the only solution here is to whitelist all of the AWS US-East and US-West ranges since this is where builds originate from.

This “solution” defeats the purpose of whitelisting in many ways. The only alternative is to switch to CircleCI server, which would allow you to run the entire system within a network that you control.

Thank you @levlaz for confirming this. It’s a bit annoying actually, though not fully CircleCI’s issue.

Can you just spin up an instance of Mongo in your own environment? Ideally, CI environments should be as self-contained as possible.

Hi @halfer, thanks for your input. Just to clarify: what do you mean ‘in our own environment’? Could you show me a sort of example please?

By “in your own environment”, I mean whatever you put in your CI system (in this case, whatever runs in your CircleCI workflow).

There are very few cases, in my opinion, where it is appropriate to connect to an external database to run your tests. Since you are in a Docker environment within CircleCI, it is a much more reliable (and faster) approach to spin up your own Mongo instance, insert the appropriate pieces of data for your integration tests, spin up the pieces of your app within CircleCI, and then run your integration tests (and thus nothing needs to reach outside of the CircleCI network when it is running).

To do this, you could either install Mongo in your build server, or you could spin up a Mongo instance as a secondary container (in your docker section). How to do all this is a very broad question, and you would do well to read the manual, so you can start developing ideas about how this would work. However, if you would like some broad guidance, perhaps you could describe what different pieces you have in your system, and what the integration tests are actually doing.

Thank you @halfer. I think it all makes sense to me.

We are a bit lazy on this (preparing test data) since we have dev/prod two well setup environments.

Nevertheless, we thought these cloud based environments (CircleCI / AWS / MongoDB Atlas, etct) could have a better way to allow accesses, e.g. public key etc.

Thanks for your input again.

You still need an automated way of recreating a database from scratch, otherwise your dev environment can only be used once. If you have that automatic mechanism already, there is not much work involved in getting it to work in your CI system, which will give you the benefit of faster and more reliable builds.

If you cannot spare half a day to do that now, it would be a good idea to try to fix it in the future, unless you have some overriding reason to connect to a remote test database.