search

triggerdotdev / trigger.dev

Trigger.dev is the open source background jobs platform.
https://trigger.dev/changelog
Apache License 2.0
8.6k stars 520 forks source link

Build fails with TypedSQL enabled but prisma migrations disabled #1327

Open gorbak25 opened 13 hours ago

gorbak25 commented 13 hours ago

Provide environment information

  System:
    OS: Linux 6.10 Ubuntu 22.04.5 LTS 22.04.5 LTS (Jammy Jellyfish)
    CPU: (32) x64 AMD Ryzen 9 5950X 16-Core Processor
    Memory: 115.65 GB / 125.68 GB
    Container: Yes
    Shell: 5.1.16 - /bin/bash
  Binaries:
    Node: 22.8.0 - /usr/bin/node
    Yarn: 1.22.19 - /usr/bin/yarn
    npm: 10.8.2 - /usr/bin/npm

Describe the bug

After applying the workaround from #1325, that is copying the sql folder into the location expected by the cli npx trigger.dev@latest deploy still fails with

└  Error: Error building image. Full build logs have been saved to /tmp/trigger-mQAkpy/build-jvbf0cg5.log
#17 [build 6/6] RUN node node_modules/prisma/build/index.js generate --schema=./prisma/schema.prisma --sql
#17 0.546 Prisma schema loaded from prisma/schema.prisma
#17 0.561 Error: Prisma schema validation - (get-config wasm)
#17 0.561 Error code: P1012
#17 0.561 error: Environment variable not found: DATABASE_URL.
#17 0.561   -->  prisma/schema.prisma:8
#17 0.561    |
#17 0.561  7 |   provider = "postgresql"
#17 0.561  8 |   url      = env("DATABASE_URL")
#17 0.561    |
#17 0.561
#17 0.561 Validation Error Count: 1
#17 0.561 [Context: getConfig]
#17 0.561
#17 0.561 Prisma CLI Version : 5.19.1
#17 ERROR: process "/bin/sh -c node node_modules/prisma/build/index.js generate --schema=./prisma/schema.prisma --sql" did not complete successfully: exit code: 1
------
> [build 6/6] RUN node node_modules/prisma/build/index.js generate --schema=./prisma/schema.prisma --sql:
#17 0.561   -->  prisma/schema.prisma:8
#17 0.561    |
#17 0.561  7 |   provider = "postgresql"
#17 0.561  8 |   url      = env("DATABASE_URL")
#17 0.561    |
#17 0.561
#17 0.561 Validation Error Count: 1
#17 0.561 [Context: getConfig]
#17 0.561
#17 0.561 Prisma CLI Version : 5.19.1
------
Error: failed to solve: process "/bin/sh -c node node_modules/prisma/build/index.js generate --schema=./prisma/schema.prisma --sql" did not complete successfully: exit code: 1

This is expected as prisma needs to connect to a live database during the build when TypedSQL is enabled. By exposing the secrets to the build the resulting container could leak them, how does the build system handle the secrets?

Reproduction repo

N/A

To reproduce

Try deploying a project with prisma and TypedSQL enabled.

Additional information

No response

ericallam commented 13 hours ago

Very good question! We run the prisma generate step inside the "build" stage of the container, and inject the DATABASE_URL env var via a build argument, just to that stage. The final stage of the container then will not have that DATABASE_URL env var embedded inside it. We don't embed any sensitive env vars to final stage. You can see for yourself here: https://github.com/triggerdotdev/trigger.dev/blob/b590a318a22216dd93063c8a05acde35dd44929b/packages/cli-v3/src/deploy/buildImage.ts#L590

gorbak25 commented 13 hours ago

@ericallam The problem is that this environment variable is only set when migrations are enabled in the prisma extension: https://github.com/triggerdotdev/trigger.dev/blob/b3a6f4e0ac62f10f6c539c933e7ec46b8843c87e/packages/build/src/extensions/prisma.ts#L230

With the following configuration

      prismaExtension({
        schema: "prisma/schema.prisma",
        directUrlEnvVarName: "DATABASE_URL",
        typedSql: true,
        migrate: false,
      }),

DATABASE_URL will never get set during the build. I've fixed this issue by enabling migrations.

gorbak25 commented 13 hours ago

I've changed the title of this issue to better reflect the problem