Question 81725 in Docker Question posted in
The official documentation can be found here.

How to pass Prisma database url at build time with docker secrets?

I am trying to dockerize an express app using prisma and supabase, but am unable to get prisma to set the supabase url at build time with docker. Prisma is expecting the url to be in an environment variable named DATABASE_URL. To avoid exposing the url I am passing it as a secret to docker and trying to set it an an environment variable but cannot get it to work. Here are two different approaches I’ve tried with my Dockerfile:

Dockerfile

# syntax=docker/dockerfile:1.2

FROM node:18.9.0
WORKDIR /app
COPY package*.json .
COPY yarn.lock .
COPY prisma .
RUN --mount=type=secret,id=_env,dst=/etc/secrets/.env 
  export $(egrep -v '^#' /etc/secrets/.env | xargs) 
  && yarn install
RUN --mount=type=secret,id=_env,dst=/etc/secrets/.env 
  export $(egrep -v '^#' /etc/secrets/.env | xargs) 
  && yarn prisma generate
COPY . .
RUN yarn build
CMD ["yarn", "start:dev"]

Dockerfile2

# syntax=docker/dockerfile:1.2

FROM node:18.9.0
WORKDIR /app
COPY package*.json .
COPY yarn.lock .
COPY prisma .
RUN --mount=type=secret,id=dburl 
  DATABASE_URL="$(cat /run/secrets/dburl)" 
  && yarn install
RUN --mount=type=secret,id=dburl 
  DATABASE_URL="$(cat /run/secrets/dburl)" 
  && yarn prisma generate
COPY . .
RUN yarn build
CMD ["yarn", "start:dev"]

The build commands for each one are the following respectively:

docker build --progress=plain --no-cache --secret id=_env,src=.env .
docker build --progress=plain --no-cache --secret id=dburl,src=dburl.txt .

Whenever I try this the first call to the prisma client inside the app produces a segmentation fault and crashes the app, whereas it works fine outside of the docker container.

Any help would be greatly appreciated.

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Turns out either method actually works. The segmentation fault issue is another problem entirely:

    https://github.com/prisma/prisma/issues/10649


  2. 0

    I know this is old but here’s what I did:

    make a migrate.ts (JS is probably better for speed? could do bash too)

    import { secrets } from "docker-secret";
console.log(`postgresql://${process.env.USER}:${secrets.PGPASSWORD}@${process.env.HOST}:${process.env.PORT}/${process.env.DATABASE}`)

    in your schema.prisma

    datasource db {
  provider = "postgresql"
  url      = env("DATABASE_URL")
}

    the env will read what ever env var you pass to it so
    in your docker file, you can do something like this

    RUN DATABASE_URL=$(npx ts-node ./migrate.ts) npx prisma migrate dev --name init

    also note, docker-secret is just a file fetcher,

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search