[PR #79] fix(docker): remove :ro from kiro-cli SQLite volume mount #76

New issue

Open

opened 2026-02-27 07:17:51 +03:00 by kerem · 0 comments

kerem commented

2026-02-27 07:17:51 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/jwadow/kiro-gateway/pull/79
Author: @kilhyeonjun
Created: 2/12/2026
Status: 🔄 Open

Base: main ← Head: fix/sqlite-volume-readonly

📝 Commits (1)

5cd82db fix(docker): remove :ro from kiro-cli SQLite volume mount (#78)

📊 Changes

10 files changed (+18 additions, -18 deletions)

View changed files

📝 AGENTS.md (+1 -1)
📝 README.md (+2 -2)
📝 docker-compose.yml (+1 -1)
📝 docs/es/README.md (+2 -2)
📝 docs/id/README.md (+2 -2)
📝 docs/ja/README.md (+2 -2)
📝 docs/ko/README.md (+2 -2)
📝 docs/pt/README.md (+2 -2)
📝 docs/ru/README.md (+2 -2)
📝 docs/zh/README.md (+2 -2)

📄 Description

Summary

Fixes #78

The kiro-cli SQLite database volume is documented as :ro (read-only), but auth.py writes refreshed tokens back to it via _save_credentials_to_sqlite(). This causes silent failures:

SQLite error saving credentials: attempt to write a readonly database

After container restart, stale tokens are loaded → authentication failures → downstream Connection error / HTTP 504.

Changes

Removed :ro from kiro-cli SQLite volume mount in:

docker-compose.yml
README.md
AGENTS.md
All translated docs (docs/ja/, docs/ru/, docs/pt/, docs/zh/, docs/ko/, docs/id/, docs/es/)

~/.aws/sso/cache mounts remain :ro — the gateway only reads from those.

Test

No code changes, documentation-only fix
Verified locally: container starts with rw mount, _save_credentials_to_sqlite() succeeds without errors

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/jwadow/kiro-gateway/pull/79 **Author:** [@kilhyeonjun](https://github.com/kilhyeonjun) **Created:** 2/12/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `fix/sqlite-volume-readonly` --- ### 📝 Commits (1) - [`5cd82db`](https://github.com/jwadow/kiro-gateway/commit/5cd82dbd347434056d20cbeabf24c1dd31eed0f1) fix(docker): remove :ro from kiro-cli SQLite volume mount (#78) ### 📊 Changes **10 files changed** (+18 additions, -18 deletions) <details> <summary>View changed files</summary> 📝 `AGENTS.md` (+1 -1) 📝 `README.md` (+2 -2) 📝 `docker-compose.yml` (+1 -1) 📝 `docs/es/README.md` (+2 -2) 📝 `docs/id/README.md` (+2 -2) 📝 `docs/ja/README.md` (+2 -2) 📝 `docs/ko/README.md` (+2 -2) 📝 `docs/pt/README.md` (+2 -2) 📝 `docs/ru/README.md` (+2 -2) 📝 `docs/zh/README.md` (+2 -2) </details> ### 📄 Description ## Summary Fixes #78 The kiro-cli SQLite database volume is documented as `:ro` (read-only), but `auth.py` writes refreshed tokens back to it via `_save_credentials_to_sqlite()`. This causes silent failures: ``` SQLite error saving credentials: attempt to write a readonly database ``` After container restart, stale tokens are loaded → authentication failures → downstream `Connection error` / `HTTP 504`. ## Changes Removed `:ro` from kiro-cli SQLite volume mount in: - `docker-compose.yml` - `README.md` - `AGENTS.md` - All translated docs (`docs/ja/`, `docs/ru/`, `docs/pt/`, `docs/zh/`, `docs/ko/`, `docs/id/`, `docs/es/`) > `~/.aws/sso/cache` mounts remain `:ro` — the gateway only reads from those. ## Test - No code changes, documentation-only fix - Verified locally: container starts with rw mount, `_save_credentials_to_sqlite()` succeeds without errors --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>