search

dotnet / aspire

Tools, templates, and packages to accelerate building observable, production-ready apps
https://learn.microsoft.com/dotnet/aspire
MIT License
3.95k stars 485 forks source link

Incorrect file permission for /pgadmin4/servers.json using WithPgAdmin #2957

Closed miceiken closed 6 months ago

miceiken commented 8 months ago

I'm running into an issue on Windows 10 using WSL 2 with Ubuntu 22.04.4 LTS where the pgAdmin container is unable to read the bind mounted tmp file mapped to /pgadmin4/servers.json

System information:

➜  ~ dotnet --version
8.0.201
➜  ~ dotnet workload --info
 Workload version: 8.0.200-manifests.a7f084b6
 [aspire]
   Installation Source: SDK 8.0.200
   Manifest Version:    8.0.0-preview.4.24156.9/8.0.100
   Manifest Path:       /home/miceiken/.dotnet/sdk-manifests/8.0.100/microsoft.net.sdk.aspire/8.0.0-preview.4.24156.9/WorkloadManifest.json
   Install Type:        FileBased

AppHost:

var postgres = builder
    .AddPostgres("postgres")
    .WithVolumeMount("volume.postgres", "/var/lib/postgresql/data")
    .WithPgAdmin();

Logs from pgAdmin container:

2024-03-16 17:33:23 NOTE: Configuring authentication for DESKTOP mode.
2024-03-16 17:33:23 pgAdmin 4 - Application Initialisation
2024-03-16 17:33:23 ======================================
2024-03-16 17:33:23 
2024-03-16 17:33:32 ----------
2024-03-16 17:33:32 Loading servers with:
2024-03-16 17:33:32 User: pgadmin4@pgadmin.org
2024-03-16 17:33:32 SQLite pgAdmin config: /var/lib/pgadmin/pgadmin4.db
2024-03-16 17:33:32 ----------
2024-03-16 17:33:36 Error reading input file /pgadmin4/servers.json: [13] Permission denied

Executed in the container shell:

/pgadmin4 $ cat servers.json 
cat: can't open 'servers.json': Permission denied
/pgadmin4 $ ls -la servers.json 
-rw-------    1 1000     1000           232 Mar 16 16:33 servers.json

On host:

$ ls -la /tmp/tmphpJFaH.tmp
-rw------- 1 miceiken miceiken 232 Mar 16 17:33 /tmp/tmphpJFaH.tmp
$ cat /tmp/tmphpJFaH.tmp
{"Servers":{"1":{"Name":"postgres","Group":"Aspire instances","Host":"host.docker.internal","Port":54322,"Username":"postgres","SSLMode":"prefer","MaintenanceDB":"postgres","PasswordExecCommand":"echo \u0027--stripped-\u0027"}}}
ivan-84 commented 8 months ago

@miceiken I'm having a different issue with WithVolumeMount (not using pgAdmin4, just trying to persist data and getting "_Npgsql.PostgresException: '28000: no pg_hba.conf entry for host "172.17.0.1", user "postgres", database "SOME_TESTDB", no encryption'"), but your code doesn't seem to be right - you're missing a persistent password which is required for named volumes, check the documentation and see if it helps.

miceiken commented 8 months ago

@miceiken I'm having a different issue with WithVolumeMount (not using pgAdmin4, just trying to persist data and getting "_Npgsql.PostgresException: '28000: no pg_hba.conf entry for host "172.17.0.1", user "postgres", database "SOME_TESTDB", no encryption'"), but your code doesn't seem to be right - you're missing a persistent password which is required for named volumes, check the documentation and see if it helps.

Yeah, that is just sloppy editing on my part. The volume mount is not related to the issue here.

oskardudycz commented 6 months ago

I'm getting the same issue on Pop!_OS distribution (Ubuntu 22.04 based). PgAdmin container is starting; PgAdmin is opening, but servers list is empty when I open UI.

When I checked PgAdmin container logs, I'm getting as @miceiken error: Error reading input file /pgadmin4/servers.json: [13] Permission denied.

The setup: https://github.com/oskardudycz/EventSourcing.NetCore/blob/aa70f126f92ef07dc5ff1bab84d347cfe878e6b7/Sample/ECommerce/ECommerce.AppHost/Program.cs#L3-L9 is here.

It's a bit more complicated but same happens for basic setup like:

var postgres = builder.AddPostgres("postgres-db")
    .WithEnvironment("POSTGRES_DB", "carts")
    .WithPgAdmin();

Interestingly it works fine on my Windows 11 box.

Looks like some permissions to the pg_admin setup (maybe some volume provisioning issue between containers).

Per @davidfowl suggestion, I checked what are the file permissions for the temp file generated by WithPgAdmin in this place, and I got:

$ ls -l /tmp/tmpiev4fh.tmp
-rw------- 1 oskar oskar 0 May 15 17:10 /tmp/tmpiev4fh.tmp

After connecting to PgAdmin container shell I'm getting:

$ docker exec -it postgres-db-pgadmin-42gcm2o /bin/sh 
/pgadmin4 $ cd /pgadmin4
/pgadmin4 $ ls -l servers.json
-rw-------    1 1000     1000           233 May 15 16:13 servers.json
/pgadmin4 $ cat servers.json
cat: can't open 'servers.json': Permission denied

I'm running Aspire from Rider both on Linux and Windows. Running Rider on Linux with sudo didn't help. Same with running with or without Rider Aspire plugin.

davidfowl commented 6 months ago

This is fixed https://github.com/dotnet/aspire/pull/4191

tungphuong commented 5 months ago

Do you have any plans to release this fix? Or how can we use it in the preview release? Thanks!

davidfowl commented 5 months ago

https://github.com/dotnet/aspire/blob/main/docs/using-latest-daily.md