search

fastify / fastify-secure-session

Create a secure stateless cookie session for Fastify
MIT License
208 stars 48 forks source link

Segmentation Fault when using alpine image #175

Closed riazXrazor closed 1 year ago

riazXrazor commented 1 year ago

Prerequisites

Fastify version

4.0.0

Plugin version

5.3.0

Node.js version

18.x.x

Operating system

Linux

Operating system version (i.e. 20.04, 11.3, 10)

node:lts-alpine

Description

Hi, i have been trying to implement azure ad login using the package @fastify/passport with passport-azure-ad which requires the use of @fastify/secure-session for session management but when ever i run my project in docker and try the azure ad login route i get Segmentation Fault. i m using node-segfault-handler to catch the error.

i hv narrowed down the specific code causing the error bellow are the screenshots

image

image

Below is my dockerfile

FROM node:lts-alpine as dependencies
WORKDIR /usr/src/app
RUN apk add --update --no-cache python3 make g++
COPY package*.json ./
COPY ./patches ./patches
RUN npm config set update-notifier false
RUN npm install --loglevel=error

FROM node:lts-alpine as builder
WORKDIR /usr/src/app
COPY .env ./
# COPY secure-session-secret-key ./secure-session-secret-key
COPY . .
COPY --from=dependencies /usr/src/app/node_modules ./node_modules
RUN npm config set update-notifier false
RUN apk add --update --no-cache openssl1.1-compat
RUN npx prisma generate
RUN npm run build:ts --loglevel=error

FROM node:lts-alpine as runner
WORKDIR /usr/src/app
ENV NODE_ENV production
RUN npm config set update-notifier false
RUN npm i -g fastify-cli --loglevel=error
RUN npm i -g pm2 --loglevel=error
RUN npm i -g typescript --loglevel=error
RUN npx @fastify/secure-session --yes >secure-session-secret-key

COPY --from=builder /usr/src/app/.env ./
# COPY --from=builder /usr/src/app/secure-session-secret-key ./secure-session-secret-key
COPY --from=builder /usr/src/app/dist ./dist
COPY --from=builder /usr/src/app/node_modules ./node_modules
COPY --from=builder /usr/src/app/package.json ./package.json
COPY --from=builder /usr/src/app/manifests ./manifests
RUN apk add --update --no-cache openssl1.1-compat
RUN npx prisma generate
#RUN cat .env

EXPOSE 5000
CMD ["pm2-runtime", "start", "manifests/dev/ecosystem.config.js"]

BTW when i run without docker just on my pc , it works , no errors

Steps to Reproduce

visiting below route gives Segmentation Fault error and crashes the api server when the project ran in docker

image

Expected Behavior

ideally ot should redirect to microsoft for azure login if i visit this route below in screenshot

image

Uzlopak commented 1 year ago

Do you still get SegFault when you use debian based node images?

climba03003 commented 1 year ago

Seems related to https://github.com/sodium-friends/sodium-native/issues/160

Uzlopak commented 1 year ago

Yeah ok, alpine uses musl and not glibc. Actually would recommend for better performance anyway to avoid alpine.

climba03003 commented 1 year ago

I am closing this issue because it is an upstream issue. Please be patient on for the new release of sodium-native, the fix is merged but not released yet.

For the current workaround. You can either

  1. Revert to use sodium-native@3.3.0 by explicit install and npm dedupe
  2. Use node:lts
riazXrazor commented 1 year ago

ok got it, thanks guys for some much needed help , i hv been stuck on this for a while now

climba03003 commented 1 year ago

Just pin it for now, I believe a lot of developer keen on using alpine. They may face the exact same issue.

delvedor commented 1 year ago

sodium-native has been fixed, please update to https://github.com/fastify/fastify-secure-session/releases/tag/v6.0.0.