sourcebot/entrypoint.sh at main · sourcebot-dev/sourcebot · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
#!/bin/sh

# Exit immediately if a command fails
set -e
# Disable auto-exporting of variables
set +a

# Detect if running as root
IS_ROOT=false
if [ "$(id -u)" -eq 0 ]; then
    IS_ROOT=true
fi

if [ "$IS_ROOT" = "true" ]; then
    echo -e "\e[34m[Info] Running as root user.\e[0m"
else
    echo -e "\e[34m[Info] Running as non-root user.\e[0m"
fi

# If a CONFIG_PATH is set, resolve the environment overrides from the config file.
# The overrides will be written into variables scopped to the current shell. This is
# required in case one of the variables used in this entrypoint is overriden (e.g.,
# DATABASE_URL, REDIS_URL, etc.)
if [ -n "$CONFIG_PATH" ]; then
    echo -e "\e[34m[Info] Resolving environment overrides from $CONFIG_PATH...\e[0m"

    set +e # Disable exist on error so we can capture EXIT_CODE
    OVERRIDES_OUTPUT=$(SKIP_ENV_VALIDATION=1 yarn tool:resolve-env-overrides)
    EXIT_CODE=$?
    set -e # Re-enable exit on error

    if [ $EXIT_CODE -eq 0 ]; then
        eval "$OVERRIDES_OUTPUT"
    else
        echo -e "\e[31m[Error] Failed to resolve environment overrides.\e[0m"
        echo "$OVERRIDES_OUTPUT"
        exit 1
    fi
fi

# Descontruct the database URL from the individual variables if DATABASE_URL is not set
if [ -z "$DATABASE_URL" ] && [ -n "$DATABASE_HOST" ] && [ -n "$DATABASE_USERNAME" ] && [ -n "$DATABASE_PASSWORD" ]  && [ -n "$DATABASE_NAME" ]; then
    DATABASE_URL="postgresql://${DATABASE_USERNAME}:${DATABASE_PASSWORD}@${DATABASE_HOST}/${DATABASE_NAME}"

    if [ -n "$DATABASE_ARGS" ]; then
        DATABASE_URL="${DATABASE_URL}?$DATABASE_ARGS"
    fi
fi

if [ -z "$DATABASE_URL" ]; then
    echo -e "\e[34m[Info] DATABASE_URL is not set. Using embeded database.\e[0m"
    export DATABASE_EMBEDDED="true"
    export DATABASE_URL="postgresql://postgres@localhost:5432/sourcebot"
else
    export DATABASE_EMBEDDED="false"
fi

if [ -z "$REDIS_URL" ]; then
    echo -e "\e[34m[Info] REDIS_URL is not set. Using embeded redis.\e[0m"
    export REDIS_EMBEDDED="true"
    export REDIS_URL="redis://localhost:6379"
else
    export REDIS_EMBEDDED="false"
fi

# Extract version from version.ts
VERSION_FILE="/app/packages/shared/src/version.ts"
if [ -f "$VERSION_FILE" ]; then
    SOURCEBOT_VERSION=$(grep -o '"v[^"]*"' "$VERSION_FILE" | tr -d '"')
    # Validate extraction succeeded
    if [ -z "$SOURCEBOT_VERSION" ]; then
        echo -e "\e[33m[Warning] Failed to extract version from $VERSION_FILE. Setting to 'unknown'.\e[0m" >&2
        SOURCEBOT_VERSION="unknown"
    fi
else
    SOURCEBOT_VERSION="unknown"
fi

echo -e "\e[34m[Info] Sourcebot version: $SOURCEBOT_VERSION\e[0m"

if [ -n "$SOURCEBOT_TELEMETRY_DISABLED" ]; then
    # Validate that SOURCEBOT_TELEMETRY_DISABLED is either "true" or "false"
    if [ "$SOURCEBOT_TELEMETRY_DISABLED" != "true" ] && [ "$SOURCEBOT_TELEMETRY_DISABLED" != "false" ]; then
        echo -e "\e[31m[Error] SOURCEBOT_TELEMETRY_DISABLED must be either 'true' or 'false'. Got '$SOURCEBOT_TELEMETRY_DISABLED'\e[0m"
        exit 1
    fi
else
    export SOURCEBOT_TELEMETRY_DISABLED=false
fi

# Issue a info message about telemetry
if [ "$SOURCEBOT_TELEMETRY_DISABLED" = "true" ]; then
    echo -e "\e[34m[Info] Disabling telemetry since SOURCEBOT_TELEMETRY_DISABLED was set.\e[0m"
fi

# Check if DATA_CACHE_DIR exists, if not create it
if [ ! -d "$DATA_CACHE_DIR" ]; then
    mkdir -p "$DATA_CACHE_DIR"
fi

# Check if DATABASE_DATA_DIR exists, if not initialize it
if [ "$DATABASE_EMBEDDED" = "true" ] && [ ! -d "$DATABASE_DATA_DIR" ]; then
    echo -e "\e[34m[Info] Initializing database at $DATABASE_DATA_DIR...\e[0m"
    mkdir -p $DATABASE_DATA_DIR
    if [ "$IS_ROOT" = "true" ]; then
        chown -R postgres:postgres "$DATABASE_DATA_DIR"
        su postgres -c "initdb -D $DATABASE_DATA_DIR"
    else
        initdb -D "$DATABASE_DATA_DIR" -U postgres
    fi
fi

# Create the redis data directory if it doesn't exist
if [ "$REDIS_EMBEDDED" = "true" ] && [ ! -d "$REDIS_DATA_DIR" ]; then
    mkdir -p $REDIS_DATA_DIR
fi

if [ -z "$SOURCEBOT_ENCRYPTION_KEY" ]; then
    echo -e "\e[33m[Warning] SOURCEBOT_ENCRYPTION_KEY is not set.\e[0m"

    if [ -f "$DATA_CACHE_DIR/.secret" ]; then
        echo -e "\e[34m[Info] Loading environment variables from $DATA_CACHE_DIR/.secret\e[0m"
    else
        echo -e "\e[34m[Info] Generating a new encryption key...\e[0m"
        SOURCEBOT_ENCRYPTION_KEY=$(openssl rand -base64 24)
        echo "SOURCEBOT_ENCRYPTION_KEY=\"$SOURCEBOT_ENCRYPTION_KEY\"" >> "$DATA_CACHE_DIR/.secret"
    fi

    set -a
    . "$DATA_CACHE_DIR/.secret"
    set +a
fi

# @see : https://authjs.dev/getting-started/deployment#auth_secret
if [ -z "$AUTH_SECRET" ]; then
    echo -e "\e[33m[Warning] AUTH_SECRET is not set.\e[0m"

    if [ -f "$DATA_CACHE_DIR/.authjs-secret" ]; then
        echo -e "\e[34m[Info] Loading environment variables from $DATA_CACHE_DIR/.authjs-secret\e[0m"
    else
        echo -e "\e[34m[Info] Generating a new encryption key...\e[0m"
        AUTH_SECRET=$(openssl rand -base64 33)
        echo "AUTH_SECRET=\"$AUTH_SECRET\"" >> "$DATA_CACHE_DIR/.authjs-secret"
    fi

    set -a
    . "$DATA_CACHE_DIR/.authjs-secret"
    set +a
fi

if [ -z "$AUTH_URL" ]; then
    echo -e "\e[33m[Warning] AUTH_URL is not set.\e[0m"
    export AUTH_URL="http://localhost:3000"
fi

# In order to detect if this is the first run, we create a `.installed` file in
# the cache directory.
FIRST_RUN_FILE="$DATA_CACHE_DIR/.installedv3"

if [ ! -f "$FIRST_RUN_FILE" ]; then
    touch "$FIRST_RUN_FILE"
    export SOURCEBOT_INSTALL_ID=$(uuidgen)

    # If this is our first run, send a `install` event to PostHog
    # (if telemetry is enabled)
    if [ "$SOURCEBOT_TELEMETRY_DISABLED" = "false" ]; then
        if ! ( curl -L --output /dev/null --silent --fail --header "Content-Type: application/json" -d '{
            "api_key": "'"$POSTHOG_PAPIK"'",
            "event": "install",
            "distinct_id": "'"$SOURCEBOT_INSTALL_ID"'",
            "properties": {
                "sourcebot_version": "'"$SOURCEBOT_VERSION"'"
            }
        }' https://us.i.posthog.com/capture/ ) then
            echo -e "\e[33m[Warning] Failed to send install event.\e[0m"
        fi
    fi
else
    export SOURCEBOT_INSTALL_ID=$(cat "$FIRST_RUN_FILE" | jq -r '.install_id')
    PREVIOUS_VERSION=$(cat "$FIRST_RUN_FILE" | jq -r '.version')

    # If the version has changed, we assume an upgrade has occurred.
    if [ "$PREVIOUS_VERSION" != "$SOURCEBOT_VERSION" ]; then
        echo -e "\e[34m[Info] Upgraded from version $PREVIOUS_VERSION to $SOURCEBOT_VERSION\e[0m"

        if [ "$SOURCEBOT_TELEMETRY_DISABLED" = "false" ]; then
            if ! ( curl -L --output /dev/null --silent --fail --header "Content-Type: application/json" -d '{
                "api_key": "'"$POSTHOG_PAPIK"'",
                "event": "upgrade",
                "distinct_id": "'"$SOURCEBOT_INSTALL_ID"'",
                "properties": {
                    "from_version": "'"$PREVIOUS_VERSION"'",
                    "to_version": "'"$SOURCEBOT_VERSION"'"
                }
            }' https://us.i.posthog.com/capture/ ) then
                echo -e "\e[33m[Warning] Failed to send upgrade event.\e[0m"
            fi
        fi
    fi
fi

echo "{\"version\": \"$SOURCEBOT_VERSION\", \"install_id\": \"$SOURCEBOT_INSTALL_ID\"}" > "$FIRST_RUN_FILE"

# Start the database and wait for it to be ready before starting any other service
if [ "$DATABASE_EMBEDDED" = "true" ]; then
    if [ "$IS_ROOT" = "true" ]; then
        su postgres -c "postgres -D $DATABASE_DATA_DIR" &
    else
        postgres -D "$DATABASE_DATA_DIR" &
    fi

    until pg_isready -h localhost -p 5432 -U postgres; do
        echo -e "\e[34m[Info] Waiting for the database to be ready...\e[0m"
        sleep 1

        # As postgres runs in the background, we must check if it is still
        # running, otherwise the "until" loop will be running indefinitely.
        if ! pgrep -x "postgres" > /dev/null; then
            echo "postgres failed to run"
            exit 1
        fi
    done

    if [ "$IS_ROOT" = "false" ]; then
        # Running as non-root we need to ensure the postgres account is created.
        psql -U postgres -tc "SELECT 1 FROM pg_roles WHERE rolname='postgres'" | grep -q 1 \
            || createuser postgres -s
    fi

    # Check if the database already exists, and create it if it doesn't exist
    EXISTING_DB=$(psql -U postgres -tAc "SELECT 1 FROM pg_database WHERE datname = 'sourcebot'")

    if [ "$EXISTING_DB" = "1" ]; then
        echo "Database 'sourcebot' already exists; skipping creation."
    else
        echo "Creating database 'sourcebot'..."
        psql -U postgres -c "CREATE DATABASE \"sourcebot\""
    fi
fi

# Run a Database migration
echo -e "\e[34m[Info] Running database migration...\e[0m"
DATABASE_URL="$DATABASE_URL" yarn workspace @sourcebot/db prisma:migrate:prod

# Create the log directory if it doesn't exist
mkdir -p /var/log/sourcebot

# Run supervisord
exec supervisord -c /etc/supervisor/conf.d/supervisord.conf