Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

ArangoContainer

A single-node ArangoDB container. Auth is disabled by default (ARANGO_NO_AUTH=1); call .with_root_password(...) to enable it instead.

Default image: arangodb:3.11 Guest port: 8529

MethodOnEffect
ArangoContainer::new()builderPinned default image, auth disabled.
ArangoContainer::with_image(image)builderCaller-chosen image, auth disabled.
.with_root_password(password)builderEnables auth with the given root password instead of no-auth.
.start()builder → Result<ArangoGuard>Boots the container.
.endpoint()guardHTTP API base URI, e.g. http://127.0.0.1:<port>.
.stop()guardStops and removes the container, releases its port.

with_root_password — why it removes ARANGO_NO_AUTH instead of just setting a password

This is worth understanding before you reach for it: the official ArangoDB entrypoint checks ARANGO_NO_AUTH for mere presence, unconditionally, near the very end of the script (if [ ! -z "$ARANGO_NO_AUTH" ]; then AUTHENTICATION="false"; fi) — right before it execs arangod --server.authentication=$AUTHENTICATION. This check does not care whether ARANGO_ROOT_PASSWORD is also set. Verified directly against the real entrypoint (docker run --entrypoint /bin/cat arangodb:3.11 /entrypoint.sh): with both variables set, the root password does get initialized (the init block only cares that ARANGO_ROOT_PASSWORD is set), but AUTHENTICATION still ends up "false" because ARANGO_NO_AUTH is still present — auth stays off regardless of the password.

So with_root_password calls remove_env("ARANGO_NO_AUTH") before setting ARANGO_ROOT_PASSWORD — a core-level primitive (Container::remove_env) that exists specifically for cases like this, where a later env var must retract an earlier one’s effect on the entrypoint, not merely be shadowed by last-wins value resolution.

Complete example

use rightsize_modules::ArangoContainer;

#[tokio::test]
async fn arango_serves_version() -> Result<(), Box<dyn std::error::Error>> {
    let guard = ArangoContainer::new().start().await?;

    let body = ureq::get(format!("{}/_api/version", guard.endpoint()))
        .call()?
        .body_mut()
        .read_to_string()?;
    assert!(body.contains("version"));

    guard.stop().await?;
    Ok(())
}

Backend notes

No memory-limit override and no known quirks beyond the auth-flag behavior above, which is purely an ArangoDB entrypoint detail — identical on both backends.