crazy-max / diun

Receive notifications when an image is updated on a Docker registry
https://crazymax.dev/diun/
MIT License

SECRETS file error when utilized in NOTIF mail TO option via 'diun.yml' #1133

Open irobot73 opened 6 months ago

irobot73 commented 6 months ago

Support guidelines

I've found a bug and checked that ...

Description

Using SECRET file in the TO parameter of the NOTIF for mail generates an error upon init. self-test.

Working:

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "diun@domain.com"
    to:
      - "to_name@domain.com" # matches same that's in the ..secrets/smtp_username file

Either instance below throws error:

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "diun@domain.com"
    to:
      - /run/secrets/smtp_username

or

notif:
  mail:
    host: smtp.domain.com
    port: 587
    ssl: false
    insecureSkipVerify: false
    usernameFile: /run/secrets/smtp_username
    passwordFile: /run/secrets/smtp_password
    from: "diun@domain.com"
    to: /run/secrets/smtp_username

Expected behaviour

System can re-use the existing SECRET, same as if typed in directly

Actual behaviour

Errors:

docker-compose exec diun diun notif test
diun: error: main.NotifTestCmd.Run(): rpc error: code = Unknown desc = gomail: could not send email 1: gomail: invalid address "/run/secrets/smtp_username": mail: missing '@' or angle-addr

Steps to reproduce

  1. Populate .YML & DIUN.YML config files
  2. Pull & run container
  3. Execute NOTIF test
  4. Note error response when using SECRET file in TO parameter

Diun version

Latest (v4.26.0)

Docker info

docker info
Client: Docker Engine - Community
 Version:    25.0.5
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.13.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.25.0
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 14
  Running: 14
  Paused: 0
  Stopped: 0
 Images: 14
 Server Version: 25.0.5
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.15.0-101-generic
 Operating System: Ubuntu 22.04.4 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 78.46GiB
 Name: ubuntu
 ID: 3G7R:QW67:P5P5:3TIW:M5WW:I7FS:34G3:POIU:G6CX:D3TW:ED7T:5S4B
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Username: irobot73
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Docker Compose config

services:
  diun:
    image: crazymax/diun:latest
    container_name: diun
    volumes:
      - ./data:/data
      - ./diun.yml:/diun.yml:ro
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
      - /var/run/docker.sock:/var/run/docker.sock
    environment:
      - LOG_LEVEL=info
      - LOG_JSON=true
      - LOG_CALLER=true
    secrets:
      - smtp_username
      - smtp_password
    deploy:
      resources:
        limits:
          memory: "2g"
      # https://docs.docker.com/compose/compose-file/compose-file-v3/#restart_policy
      restart_policy:
        condition: on-failure
        delay: 10s
        max_attempts: 3
        #window: 30s
    #restart: always
    labels:
      - "diun.enable=true"

secrets:
  smtp_username:
    file: ./smtp_username.txt
  smtp_password:
    file: ./smtp_password.txt

Logs

$ docker-compose exec diun diun notif test
diun: error: main.NotifTestCmd.Run(): rpc error: code = Unknown desc = gomail: could not send email 1: gomail: invalid address "/run/secrets/smtp_username": mail: missing '@' or angle-addr

Additional info

No response

crazy-max commented 5 months ago

Can you check within the diun container that the secret file exists and is not empty?

docker compose exec diun cat /run/secrets/smtp_username

irobot73 commented 5 months ago

Can you check within the diun container that the secret file exists and is not empty?

docker compose exec diun cat /run/secrets/smtp_username

Sorry for the response delay. Yes, CAT of both ..username & ..password SECRETS respond w/ the expected values

ddick@ubuntu:/nas/Data/diun$ docker compose exec diun cat /run/secrets/smtp_username
i_{rest_of_expected_email_addy}.comddick@ubdocker compose exec diun cat /run/secrets/smtp_password
p{rest_of_expected_pw}yddick@ubuntu:/nas/Data/diun$ 

Believe I 'hand-jammed' & utilized PRINTF as per...no /CR or /LF noted in the output
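
The error text in the report is what Go's net/mail parser returns for a string with no '@', which is what a secret path placed in `to` is when it is taken literally. The sketch below is an added example, not diun's code: `validateRecipient` parses the value as written, and the hypothetical `recipientFromFile` shows the read, trim and validate steps a file-backed recipient would need; the sample address and temp file are constructed.

```go
package main

import (
	"fmt"
	"net/mail"
	"os"
	"path/filepath"
	"strings"
)

// validateRecipient parses a `to` entry exactly as written in the config.
func validateRecipient(value string) (string, error) {
	addr, err := mail.ParseAddress(value)
	if err != nil {
		return "", fmt.Errorf("invalid address %q: %w", value, err)
	}
	return addr.Address, nil
}

// recipientFromFile is hypothetical (not a diun option): it reads the secret,
// trims a trailing CR/LF, and validates it. An empty file fails validation.
func recipientFromFile(path string) (string, error) {
	raw, err := os.ReadFile(path)
	if err != nil {
		return "", fmt.Errorf("read %s: %w", path, err)
	}
	addr, err := mail.ParseAddress(strings.TrimSpace(string(raw)))
	if err != nil {
		// Name the file, not its contents, so the secret stays out of logs.
		return "", fmt.Errorf("secret file %s: %w", path, err)
	}
	return addr.Address, nil
}

func main() {
	// Constructed sample secret in a temp dir so the example runs offline.
	dir, err := os.MkdirTemp("", "secrets")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "smtp_username")
	if err := os.WriteFile(path, []byte("to_name@domain.com\n"), 0o600); err != nil {
		panic(err)
	}
	_, err = validateRecipient("/run/secrets/smtp_username")
	fmt.Println("literal path:", err)
	addr, err := recipientFromFile(path)
	fmt.Println("file contents:", addr, err)
}
```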