fix: include scripts directory in Docker image for database recovery

GitHub Actions
2025-12-17 15:15:42 +00:00
parent f094123123
commit bd0dfd5487
3 changed files with 13 additions and 4 deletions


@@ -145,9 +145,8 @@ docker-compose*.yml
dist/
# -----------------------------------------------------------------------------
# Scripts & Tools (not needed in image)
# Tools (not needed in image)
# -----------------------------------------------------------------------------
scripts/
tools/
create_issues.sh
cookies.txt
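
Review bot: Dropping `scripts/` from the ignore list sends the whole directory into the build context, and the Dockerfile then copies all of it into the image, although only `db-recovery.sh` is referenced anywhere in this change. Consider keeping the directory ignored and re-including just the needed file, e.g. `scripts/*` followed by `!scripts/db-recovery.sh`, so that development helpers or anything sensitive later added under `scripts/` does not ship in the production image.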


@@ -243,10 +243,10 @@ RUN set -eux; \
FROM ${CADDY_IMAGE}
WORKDIR /app
# Install runtime dependencies for Charon (no bash needed)
# Install runtime dependencies for Charon, including bash for maintenance scripts
# Explicitly upgrade c-ares to fix CVE-2025-62408
# hadolint ignore=DL3018
RUN apk --no-cache add ca-certificates sqlite-libs tzdata curl gettext \
RUN apk --no-cache add bash ca-certificates sqlite-libs sqlite tzdata curl gettext \
&& apk --no-cache upgrade \
&& apk --no-cache upgrade c-ares
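
Review bot: The `apk add` line now installs both `bash` and the `sqlite` CLI into the production runtime stage, but the updated comment only explains bash. Please document why the `sqlite` CLI is required alongside `sqlite-libs`, and consider whether the recovery script could run under the image's existing shell or from a separate maintenance image, since every extra interpreter and tool in the runtime stage widens what is available inside a compromised container. The new packages are also unpinned under the existing `DL3018` ignore.
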
@@ -301,6 +301,10 @@ COPY --from=frontend-builder /app/frontend/dist /app/frontend/dist
COPY docker-entrypoint.sh /docker-entrypoint.sh
RUN chmod +x /docker-entrypoint.sh
# Copy utility scripts (used for DB recovery and maintenance)
COPY scripts/ /app/scripts/
RUN chmod +x /app/scripts/db-recovery.sh
# Set default environment variables
ENV CHARON_ENV=production \
CHARON_DB_PATH=/app/data/charon.db \
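
Review bot: `COPY scripts/ /app/scripts/` copies every file under `scripts/`, while the `chmod +x` on the next line covers only `db-recovery.sh`. If that is the only script meant to run in the container, copy it alone, e.g. `COPY --chmod=755 scripts/db-recovery.sh /app/scripts/db-recovery.sh` (BuildKit), which also removes the extra `RUN` layer. Otherwise, state which other scripts are expected in the image and make them executable too.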


@@ -10,6 +10,12 @@
**This is NOT a logic bug.** The root cause is **SQLite database corruption** affecting specific records in the `uptime_heartbeats` table. The error `database disk image is malformed` is consistently returned when querying heartbeat history for exactly 6 specific monitor IDs.
## Dockerfile Scripts Inclusion Check (Dec 17, 2025)
- Observation: The runtime stage in Dockerfile (base `${CADDY_IMAGE}` → WORKDIR `/app`) copies Caddy, CrowdSec binaries, backend binary (`/app/charon`), frontend build, and `docker-entrypoint.sh`, but does **not** copy the repository `scripts/` directory. No prior stage copies `scripts/` either.
- Impact: `docker exec -it charon /app/scripts/db-recovery.sh` fails after rebuild because `/app/scripts/db-recovery.sh` is absent in the image.
- Minimal fix to apply: Add a copy step in the final stage, e.g. `COPY scripts/ /app/scripts/` followed by `RUN chmod +x /app/scripts/db-recovery.sh` to ensure the recovery script is present and executable inside the container at `/app/scripts/db-recovery.sh`.
---
## 1. Evidence from Container Logs
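
Review bot: The "Minimal fix to apply" bullet lists only the `COPY` and `chmod` steps, but this commit also had to stop ignoring `scripts/` in the build context and add `bash` and `sqlite` to the runtime packages. Add those to the bullet so the note matches the change, since a reader applying only the documented steps may still end up with a failing `COPY` or a script that cannot run. The new section is also inserted between the root-cause paragraph and its `---` separator; placing it after the separator would keep the root-cause summary intact.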