20da6c6aef
## Description **Before:** The appsmith-ce release image contains CVE-2024-38821 critical vulnerability. <img width="1258" height="876" alt="Screenshot 2025-09-12 at 1 41 00 PM" src="https://github.com/user-attachments/assets/6e5292c7-d073-4241-970d-511ab0533547" /> [cves_report_ce.json](https://github.com/user-attachments/files/22292789/cves_report_ce.json) **After:** The current DP image doesn't contain CVE-2024-38821 after removing pg build from server. <img width="1248" height="906" alt="Screenshot 2025-09-12 at 1 40 36 PM" src="https://github.com/user-attachments/assets/d7d2c812-d6e5-4994-9c08-923e0302b415" /> [cves_41221.txt](https://github.com/user-attachments/files/22292798/cves_41221.txt) Fixes CVE-2024-38821 ## Automation /ok-to-test tags="@tag.Sanity" ### 🔍 Cypress test results <!-- This is an auto-generated comment: Cypress test results --> > [!TIP] > 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉 > Workflow run: <https://github.com/appsmithorg/appsmith/actions/runs/17725447283> > Commit: 959d97e926357bfcd1e0aec32a9127be5b8df403 > <a href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=17725447283&attempt=2" target="_blank">Cypress dashboard</a>. > Tags: `@tag.Sanity` > Spec: > <hr>Mon, 15 Sep 2025 08:39:53 UTC <!-- end of auto-generated comment: Cypress test results --> ## Communication Should the DevRel and Marketing teams inform users about this change? - [ ] Yes - [x] No <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **Chores** * Removed PostgreSQL support from build artifacts; only the MongoDB edition is produced going forward. * Updated Docker validation to require only the MongoDB server jar; error message reflects this change. * Simplified artifact preparation by removing PostgreSQL image extraction and related steps. * Maintains existing exit-on-failure behavior; successful MongoDB paths are unchanged. * No changes to runtime behavior for MongoDB users. <!-- end of auto-generated comment: release notes by coderabbit.ai -->
27 lines
826 B
Bash
Executable File
27 lines
826 B
Bash
Executable File
#!/bin/bash -eux
|
|
|
|
cd "$(git rev-parse --show-toplevel)"
|
|
|
|
if [[ -z "${EDITION-}" ]]; then
|
|
export EDITION=ce
|
|
if [[ "$(git remote get-url origin)" == *appsmithorg/appsmith-ee* ]]; then
|
|
export EDITION=ee
|
|
fi
|
|
fi
|
|
|
|
echo "Building server artifacts for $EDITION edition (PostgreSQL support removed)"
|
|
|
|
target="deploy/docker/fs/opt/appsmith/server"
|
|
mkdir -p "$target"
|
|
rm -rf "$target"/{pg,mongo}
|
|
|
|
# Build MongoDB server artifacts
|
|
cp -r "app/server/dist" "$target/mongo"
|
|
mv "$target/mongo"/server-*.jar "$target/mongo/server.jar"
|
|
|
|
# PostgreSQL support has been removed - no more vulnerable artifacts
|
|
# This eliminates CVE-2024-38821 from the Docker image
|
|
echo "✅ MongoDB artifacts prepared successfully"
|
|
echo "🗑️ PostgreSQL artifacts skipped (CVE-2024-38821 eliminated)"
|
|
echo "📁 Only MongoDB artifacts: $target/mongo/"
|