coop-cloud/organising
coop-cloud
/
organising
7
0
Fork 0
Code Issues 158 Pull Requests Projects 2 Releases Activity

Removing and re-creating app uses old secrets #448

New Issue
Closed
opened 2023-04-21 17:25:35 +00:00 by iexos · 2 comments
iexos commented 2023-04-21 17:25:35 +00:00
Member
Copy Link

Steps to reproduce

  • abra app new nextcloud -s <server> -D <domain>
  • abra app secret generate <domain> -a
  • take note of secrets
  • abra app deploy <domain>
  • login using admin_password -> works
  • abra app undeploy <domain>
  • abra app remove <domain>
  • abra app new nextcloud -s <server> -D <domain>
  • abra app secret generate <domain> -a
  • take also note of these secrets
  • abra app deploy <domain>
  • login using new admin_password -> doesn't work
  • login using old admin_password -> works

fun fact: /run/secrets/ in the running containers shows the new passwords, but it was configured with the old passwords (as you can see with db_password in nextcloud's config.php). Something weird with docker secrets going on i guess

Is this what is meant with "docker secrets are immutable"? The thing is, if I didn't commit the first deployment, I have no way of knowing which secret versions have been used yet.

### Steps to reproduce - `abra app new nextcloud -s <server> -D <domain>` - `abra app secret generate <domain> -a` - take note of secrets - `abra app deploy <domain>` - login using admin_password -> works - `abra app undeploy <domain>` - `abra app remove <domain>` - `abra app new nextcloud -s <server> -D <domain>` - `abra app secret generate <domain> -a` - take also note of these secrets - `abra app deploy <domain>` - login using new admin_password -> doesn't work - login using old admin_password -> works fun fact: /run/secrets/ in the running containers shows the new passwords, but it was configured with the old passwords (as you can see with db_password in nextcloud's config.php). Something weird with docker secrets going on i guess Is this what is meant with "docker secrets are immutable"? The thing is, if I didn't commit the first deployment, I have no way of knowing which secret versions have been used yet.
iexos added the
bug
 label 2023-04-21 17:25:36 +00:00
iexos changed title from Removing an re-creating app uses old secrets to Removing and re-creating app uses old secrets 2023-04-21 17:26:30 +00:00
iexos commented 2023-04-23 13:38:03 +00:00
Author
Member
Copy Link

After some more testing I realize, this has nothing to do with secrets per se, but with abra remove not removing volumes. And then they are reused with the old configuration. This is a bug, no?

After some more testing I realize, this has nothing to do with secrets per se, but with `abra remove` not removing volumes. And then they are reused with the old configuration. This is a bug, no?
iexos commented 2023-04-23 13:48:17 +00:00
Author
Member
Copy Link

Ok, and now i see this has been fixed in ee4315adb3

Ok, and now i see this has been fixed in https://git.coopcloud.tech/coop-cloud/abra/commit/ee4315adb3be29e1872eb0e1d328763b49649aa9
iexos closed this issue 2023-04-23 13:48:18 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels   
abra

Everything to do with abra

  
abra-gandi

Abra Gandi plugin

  
awaiting-feedback

Ping/pong on comms

  
backups

   
bug

Something is not working

  
build

Go build related issues

  
ci/cd

Getting the robots into the mix

  
community organising

Opening this thing up

  
contributing

Contributors stuff

  
coopcloud.tech

Our main website

  
democracy

Democratic decision making

  
design

Design thinking required

  
documentation

Let's write things together

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
finance

Money things

  
funding

Anything related to grant funding

  
good first issue

Easy start with development

  
help wanted

Need some help

  
installer

Installation related issues

  
kadabra

   
performance

Performance related

  
proposal

Large change which requires feedback & decisin making

  
question

More information is needed

  
recipes.coopcloud.tech

Our recipes catalogue

  
security

Securing our shit

  
test

Unit or integration test suite

  
wontfix

This won't be fixed

No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/organising#448
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?