PromucFlow_constructor/scripts/prepare_server_artifacts.sh

#!/bin/bash -eux

cd "$(git rev-parse --show-toplevel)"

if [[ -z "${EDITION-}" ]]; then
  export EDITION=ce
  if [[ "$(git remote get-url origin)" == *appsmithorg/appsmith-ee* ]]; then
    export EDITION=ee
  fi
fi

echo "Building server artifacts for $EDITION edition (PostgreSQL support removed)"

target="deploy/docker/fs/opt/appsmith/server"
mkdir -p "$target"
rm -rf "$target"/{pg,mongo}

# Build MongoDB server artifacts
cp -r "app/server/dist" "$target/mongo"
mv "$target/mongo"/server-*.jar "$target/mongo/server.jar"

# PostgreSQL support has been removed - no more vulnerable artifacts
# This eliminates CVE-2024-38821 from the Docker image
echo "✅ MongoDB artifacts prepared successfully"
echo "🗑️ PostgreSQL artifacts skipped (CVE-2024-38821 eliminated)"
echo "📁 Only MongoDB artifacts: $target/mongo/"
feat: Make images adaptable to support both Postgres and MongoDB uris (#36424) ## Description PR to make the release tag adaptable to work with both MongoDB and PostgreSQL uris. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced a new script to automate the preparation of server artifacts, improving the build process. - Added SQL files to the indentation configuration for consistent code formatting. - Improvements - Enhanced error handling in the Docker build process to ensure essential files are present before execution. - Updated service configuration logic to prevent misconfiguration based on the environment. - Added a new job step in the build workflow to prepare server artifacts after the build process. - Implemented conditional logic in the run script to dynamically adapt to different database configurations. - Bug Fixes - Adjusted the initialization process to focus on MongoDB, improving reliability in various environments. <!-- end of auto-generated comment: release notes by coderabbit.ai --> /test Sanity ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/10940528231> > Commit: 32731e8a93a25e5c9456eb89daca2d8bf327c012 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10940528231&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Thu, 19 Sep 2024 12:21:54 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No 2024-09-19 16:15:46 +00:00			`#!/bin/bash -eux`

			`cd "$(git rev-parse --show-toplevel)"`

			`if [[ -z "${EDITION-}" ]]; then`
			`export EDITION=ce`
			`if [[ "$(git remote get-url origin)" == appsmithorg/appsmith-ee ]]; then`
			`export EDITION=ee`
			`fi`
			`fi`

fix: CVE-2024-38821 (#41221) ## Description Before: The appsmith-ce release image contains CVE-2024-38821 critical vulnerability. <img width="1258" height="876" alt="Screenshot 2025-09-12 at 1 41 00 PM" src="https://github.com/user-attachments/assets/6e5292c7-d073-4241-970d-511ab0533547" /> [cves_report_ce.json](https://github.com/user-attachments/files/22292789/cves_report_ce.json) After: The current DP image doesn't contain CVE-2024-38821 after removing pg build from server. <img width="1248" height="906" alt="Screenshot 2025-09-12 at 1 40 36 PM" src="https://github.com/user-attachments/assets/d7d2c812-d6e5-4994-9c08-923e0302b415" /> [cves_41221.txt](https://github.com/user-attachments/files/22292798/cves_41221.txt) Fixes CVE-2024-38821 ## Automation /ok-to-test tags="@tag.Sanity" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/17725447283> > Commit: 959d97e926357bfcd1e0aec32a9127be5b8df403 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=17725447283&attempt=2" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Mon, 15 Sep 2025 08:39:53 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Removed PostgreSQL support from build artifacts; only the MongoDB edition is produced going forward. * Updated Docker validation to require only the MongoDB server jar; error message reflects this change. * Simplified artifact preparation by removing PostgreSQL image extraction and related steps. * Maintains existing exit-on-failure behavior; successful MongoDB paths are unchanged. * No changes to runtime behavior for MongoDB users. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2025-09-15 11:14:16 +00:00			`echo "Building server artifacts for $EDITION edition (PostgreSQL support removed)"`
feat: Make images adaptable to support both Postgres and MongoDB uris (#36424) ## Description PR to make the release tag adaptable to work with both MongoDB and PostgreSQL uris. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced a new script to automate the preparation of server artifacts, improving the build process. - Added SQL files to the indentation configuration for consistent code formatting. - Improvements - Enhanced error handling in the Docker build process to ensure essential files are present before execution. - Updated service configuration logic to prevent misconfiguration based on the environment. - Added a new job step in the build workflow to prepare server artifacts after the build process. - Implemented conditional logic in the run script to dynamically adapt to different database configurations. - Bug Fixes - Adjusted the initialization process to focus on MongoDB, improving reliability in various environments. <!-- end of auto-generated comment: release notes by coderabbit.ai --> /test Sanity ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/10940528231> > Commit: 32731e8a93a25e5c9456eb89daca2d8bf327c012 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10940528231&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Thu, 19 Sep 2024 12:21:54 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No 2024-09-19 16:15:46 +00:00
			`target="deploy/docker/fs/opt/appsmith/server"`
			`mkdir -p "$target"`
			`rm -rf "$target"/{pg,mongo}`

fix: CVE-2024-38821 (#41221) ## Description Before: The appsmith-ce release image contains CVE-2024-38821 critical vulnerability. <img width="1258" height="876" alt="Screenshot 2025-09-12 at 1 41 00 PM" src="https://github.com/user-attachments/assets/6e5292c7-d073-4241-970d-511ab0533547" /> [cves_report_ce.json](https://github.com/user-attachments/files/22292789/cves_report_ce.json) After: The current DP image doesn't contain CVE-2024-38821 after removing pg build from server. <img width="1248" height="906" alt="Screenshot 2025-09-12 at 1 40 36 PM" src="https://github.com/user-attachments/assets/d7d2c812-d6e5-4994-9c08-923e0302b415" /> [cves_41221.txt](https://github.com/user-attachments/files/22292798/cves_41221.txt) Fixes CVE-2024-38821 ## Automation /ok-to-test tags="@tag.Sanity" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/17725447283> > Commit: 959d97e926357bfcd1e0aec32a9127be5b8df403 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=17725447283&attempt=2" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Mon, 15 Sep 2025 08:39:53 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Removed PostgreSQL support from build artifacts; only the MongoDB edition is produced going forward. * Updated Docker validation to require only the MongoDB server jar; error message reflects this change. * Simplified artifact preparation by removing PostgreSQL image extraction and related steps. * Maintains existing exit-on-failure behavior; successful MongoDB paths are unchanged. * No changes to runtime behavior for MongoDB users. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2025-09-15 11:14:16 +00:00			`# Build MongoDB server artifacts`
feat: Make images adaptable to support both Postgres and MongoDB uris (#36424) ## Description PR to make the release tag adaptable to work with both MongoDB and PostgreSQL uris. <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit - New Features - Introduced a new script to automate the preparation of server artifacts, improving the build process. - Added SQL files to the indentation configuration for consistent code formatting. - Improvements - Enhanced error handling in the Docker build process to ensure essential files are present before execution. - Updated service configuration logic to prevent misconfiguration based on the environment. - Added a new job step in the build workflow to prepare server artifacts after the build process. - Implemented conditional logic in the run script to dynamically adapt to different database configurations. - Bug Fixes - Adjusted the initialization process to focus on MongoDB, improving reliability in various environments. <!-- end of auto-generated comment: release notes by coderabbit.ai --> /test Sanity ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/10940528231> > Commit: 32731e8a93a25e5c9456eb89daca2d8bf327c012 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=10940528231&attempt=1" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Thu, 19 Sep 2024 12:21:54 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No 2024-09-19 16:15:46 +00:00			`cp -r "app/server/dist" "$target/mongo"`
			`mv "$target/mongo"/server-*.jar "$target/mongo/server.jar"`

fix: CVE-2024-38821 (#41221) ## Description Before: The appsmith-ce release image contains CVE-2024-38821 critical vulnerability. <img width="1258" height="876" alt="Screenshot 2025-09-12 at 1 41 00 PM" src="https://github.com/user-attachments/assets/6e5292c7-d073-4241-970d-511ab0533547" /> [cves_report_ce.json](https://github.com/user-attachments/files/22292789/cves_report_ce.json) After: The current DP image doesn't contain CVE-2024-38821 after removing pg build from server. <img width="1248" height="906" alt="Screenshot 2025-09-12 at 1 40 36 PM" src="https://github.com/user-attachments/assets/d7d2c812-d6e5-4994-9c08-923e0302b415" /> [cves_41221.txt](https://github.com/user-attachments/files/22292798/cves_41221.txt) Fixes CVE-2024-38821 ## Automation /ok-to-test tags="@tag.Sanity" ### :mag: Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/17725447283> > Commit: 959d97e926357bfcd1e0aec32a9127be5b8df403 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=17725447283&attempt=2" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Mon, 15 Sep 2025 08:39:53 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * Chores * Removed PostgreSQL support from build artifacts; only the MongoDB edition is produced going forward. * Updated Docker validation to require only the MongoDB server jar; error message reflects this change. * Simplified artifact preparation by removing PostgreSQL image extraction and related steps. * Maintains existing exit-on-failure behavior; successful MongoDB paths are unchanged. * No changes to runtime behavior for MongoDB users. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2025-09-15 11:14:16 +00:00			`# PostgreSQL support has been removed - no more vulnerable artifacts`
			`# This eliminates CVE-2024-38821 from the Docker image`
			`echo "✅ MongoDB artifacts prepared successfully"`
			`echo "🗑️ PostgreSQL artifacts skipped (CVE-2024-38821 eliminated)"`
			`echo "📁 Only MongoDB artifacts: $target/mongo/"`