Skip to content

fix: for backport 7.0. #269

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
sattvikc merged 1 commit into from
Aug 12, 2025
Merged

fix: for backport 7.0. #269

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 50 additions & 0 deletions .github/helpers/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
FROM ubuntu:bionic-20200219 AS tmp
WORKDIR /build
RUN apt-get update && apt-get install -y curl wget zip

RUN ARCH=$(dpkg --print-architecture) && \
if [ "$ARCH" = "amd64" ]; then \
wget -O jre.zip https://github.com/supertokens/jre/raw/refs/heads/master/jre-15.0.1-linux.zip; \
elif [ "$ARCH" = "arm64" ]; then \
wget -O jre.zip https://github.com/supertokens/jre/raw/refs/heads/master/jre-15.0.1-linux-arm.zip; \
else \
echo "Unsupported architecture: $ARCH" && exit 1; \
fi
RUN unzip jre.zip
RUN mv jre-15.0.1 jre || mv jre-15.0.1-linux-aarch/jre-15.0.1 jre
Copy link

@graphite-app graphite-app bot Aug 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The ARM JRE extraction path appears inconsistent with the downloaded file name. The script downloads jre-15.0.1-linux-arm.zip but attempts to extract from jre-15.0.1-linux-aarch/jre-15.0.1. Consider updating the extraction path to match the expected directory structure of the downloaded ARM zip file, likely jre-15.0.1-linux-arm/jre-15.0.1 or simply jre-15.0.1-linux-arm.

Suggested change
RUN mv jre-15.0.1 jre || mv jre-15.0.1-linux-aarch/jre-15.0.1 jre
RUN mv jre-15.0.1 jre || mv jre-15.0.1-linux-arm/jre-15.0.1 jre

Spotted by Diamond

Is this helpful? React 👍 or 👎 to let us know.

ADD ./cli ./cli
ADD ./core ./core
ADD ./plugin-interface ./plugin-interface
ADD ./plugin ./plugin
ADD ./ee ./ee
ADD ./config.yaml ./config.yaml
ADD ./version.yaml ./version.yaml

RUN ls && ./jre/bin/java -classpath "./cli/*" io.supertokens.cli.Main true $@

FROM debian:bookworm-slim
RUN groupadd supertokens && useradd -m -s /bin/bash -g supertokens supertokens
RUN apt-get update && apt-get install -y --no-install-recommends gnupg dirmngr curl && rm -rf /var/lib/apt/lists/*
RUN DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get -y install tzdata
ENV GOSU_VERSION=1.7
RUN set -x \
&& apt-get update && apt-get install -y --no-install-recommends ca-certificates wget && rm -rf /var/lib/apt/lists/* \
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture)" \
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$(dpkg --print-architecture).asc" \
&& export GNUPGHOME="$(mktemp -d)" \
&& gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
&& gpgconf --kill all \
&& rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& apt-get purge -y --auto-remove wget
COPY --from=tmp --chown=supertokens /usr/lib/supertokens /usr/lib/supertokens
COPY --from=tmp --chown=supertokens /usr/bin/supertokens /usr/bin/supertokens
Comment on lines +41 to +42
Copy link

@graphite-app graphite-app bot Aug 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The COPY commands reference paths in the tmp stage (/usr/lib/supertokens and /usr/bin/supertokens) that don't appear to be created in the Dockerfile. The build process in the tmp stage places files in the /build directory, but there are no commands to move these files to the locations referenced by the COPY instructions.

Either:

  1. Add commands in the tmp stage to move the built files to these expected locations:

    RUN mkdir -p /usr/lib/supertokens /usr/bin/supertokens
RUN cp -r /build/* /usr/lib/supertokens/
# And appropriate command to create the binary in /usr/bin/supertokens

  2. Or modify the COPY commands to reference the actual locations where files exist in the tmp stage:

    COPY --from=tmp --chown=supertokens /build /usr/lib/supertokens
# And appropriate path for the binary
Suggested change
COPY --from=tmp --chown=supertokens /usr/lib/supertokens /usr/lib/supertokens
COPY --from=tmp --chown=supertokens /usr/bin/supertokens /usr/bin/supertokens
COPY --from=tmp --chown=supertokens /build /usr/lib/supertokens
COPY --from=tmp --chown=supertokens /build/supertokens /usr/bin/supertokens

Spotted by Diamond

Is this helpful? React 👍 or 👎 to let us know.

COPY ./supertokens-postgresql-plugin/.github/helpers/docker/docker-entrypoint.sh /usr/local/bin/
Copy link

@graphite-app graphite-app bot Aug 11, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The path to docker-entrypoint.sh appears to be incorrect. The Dockerfile is trying to copy from ./supertokens-postgresql-plugin/.github/helpers/docker/docker-entrypoint.sh, but based on the PR context, the script is likely in the same directory as the Dockerfile (.github/helpers/docker/).

Consider changing the path to:

COPY ./docker-entrypoint.sh /usr/local/bin/

This will ensure the Docker build can locate the entrypoint script correctly.

Suggested change
COPY ./supertokens-postgresql-plugin/.github/helpers/docker/docker-entrypoint.sh /usr/local/bin/
COPY ./docker-entrypoint.sh /usr/local/bin/

Spotted by Diamond

Is this helpful? React 👍 or 👎 to let us know.

RUN echo "$(md5sum /usr/lib/supertokens/config.yaml | awk '{ print $1 }')" >> /CONFIG_HASH
RUN ln -s /usr/local/bin/docker-entrypoint.sh /entrypoint.sh # backwards compat
RUN chmod +x /usr/local/bin/docker-entrypoint.sh
EXPOSE 3567
USER "supertokens"
ENTRYPOINT ["/entrypoint.sh"]
CMD ["supertokens", "start"]
Loading
Loading