Skip to content

Add Docker support for headless network discovery#9

Open
asachs01 wants to merge 1 commit intoscottpeterman:mainfrom
chatt-state:feature/docker-headless
Open

Add Docker support for headless network discovery#9
asachs01 wants to merge 1 commit intoscottpeterman:mainfrom
chatt-state:feature/docker-headless

Conversation

@asachs01
Copy link
Copy Markdown

@asachs01 asachs01 commented Feb 26, 2026
edited
Loading

Summary

  • Adds docker/ directory with Dockerfile, docker-compose.yml, entrypoint, and discovery runner
  • Installs SC2 with --no-deps to skip PyQt6 (~200MB savings), explicitly lists headless runtime deps
  • Uses library APIs directly (CredentialVault, DiscoveryEngine) to bypass interactive getpass() prompts
  • Credentials injected via environment variables (SNMPv2c, SNMPv3, SSH)
  • Runs as non-root user with tini for signal handling and resource limits
  • Adds "Docker (Headless)" section to README with env var reference

Motivation

Several users have asked about running SC2 in headless/scheduled environments (cron jobs, CI pipelines, remote servers without X11). This PR provides a production-ready Docker deployment that handles the main pain points:

  1. PyQt6 dependency — not needed for headless runs, adds ~200MB
  2. Interactive getpass()sc2-creds init and sc2-discover prompt for passwords, which fails in non-interactive contexts
  3. System dependencies — SNMP tools, graphviz, and MIBs require manual installation

What's included

File Purpose
docker/Dockerfile Python 3.12-slim, SNMP tools, graphviz, tini, non-root user
docker/docker-compose.yml Service definition with vault volume, env vars, resource limits
docker/.env.template Environment variable reference
docker/entrypoint.sh Signal handling wrapper
docker/discovery_runner.py Headless runner using SC2 library APIs
docker/.gitignore Excludes .env and output/

Test plan

  • cd docker && docker compose build completes without errors
  • docker compose up with valid .env runs discovery against test network
  • Container shows proper error when SC_SEED_IP or SC_VAULT_PASSWORD not set
  • Output files (map.json, devices.csv, topology.graphml) appear in docker/output/
  • Credential vault persists between runs (stop/start container)
  • docker compose run sc2 bash provides interactive shell for debugging

@asachs01 @claude
Add Docker support for headless network discovery
7f3f298 
Enables running SC2 discovery in Docker without GUI dependencies.
The container uses library APIs directly to bypass interactive getpass()
prompts, saving ~200MB by excluding PyQt6.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@asachs01