Removing and re-creating app uses old secrets #448
Labels
No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: coop-cloud/organising#448
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Steps to reproduce
abra app new nextcloud -s <server> -D <domain>
abra app secret generate <domain> -a
abra app deploy <domain>
abra app undeploy <domain>
abra app remove <domain>
abra app new nextcloud -s <server> -D <domain>
abra app secret generate <domain> -a
abra app deploy <domain>
fun fact: /run/secrets/ in the running containers shows the new passwords, but it was configured with the old passwords (as you can see with db_password in nextcloud's config.php). Something weird with docker secrets going on i guess
Is this what is meant with "docker secrets are immutable"? The thing is, if I didn't commit the first deployment, I have no way of knowing which secret versions have been used yet.
Removing an re-creating app uses old secretsto Removing and re-creating app uses old secretsAfter some more testing I realize, this has nothing to do with secrets per se, but with
abra remove
not removing volumes. And then they are reused with the old configuration. This is a bug, no?Ok, and now i see this has been fixed in
ee4315adb3