Closed geekifier closed 10 months ago
I enabled debug logs, and it looks like for some reason the password stored in a file adds an \n
at the end (logs formatted for readability):
ENV var password
INFO whats-up-docker/trigger.mqtt.mosquitto: Register with configuration
{
"tls": {
"rejectunauthorized": false
},
"password": "H******************************k",
"user": "wud",
"url": "mqtt://XXX:1883",
"hass": {
"enabled": true,
"prefix": "homeassistant"
},
"topic": "wud/container",
"clientid": "wud_25e24496",
"threshold": "all",
"mode": "simple",
"once": true,
"simpletitle": "New ${kind} found for container ${name}",
"simplebody": "Container ${name} running with ${kind} ${local} can be updated to ${kind} ${remote}\n${link}",
"batchtitle": "${count} updates available"
}
Password loaded with __FILE
INFO whats-up-docker/trigger.mqtt.mosquitto: Register with configuration
{
"tls": {
"rejectunauthorized": false
},
"user": "wud",
"url": "mqtt://XXX:1883",
"hass": {
"enabled": true,
"prefix": "homeassistant"
},
"password": "H*******************************\n",
"topic": "wud/container",
"clientid": "wud_fc893eac",
"threshold": "all",
"mode": "simple",
"once": true,
"simpletitle": "New ${kind} found for container ${name}",
"simplebody": "Container ${name} running with ${kind} ${local} can be updated to ${kind} ${remote}\n${link}",
"batchtitle": "${count} updates available"
}
The file containing the password has no \n
at the end.
Upon further investigation, the same issue occurs with WUD_REGISTRY_LSCR_TOKEN__FILE
(at least in the log), but it does not seem to result in an auth failure, unlike MQTT.
After I saw that you have a test for this here I did some more digging, and sure enough there was an eol
character at the end of the file, I was able to confirm this by using od
. I regenerated the files piping the secrets via echo -n
and all is well now. It's still interesting it did not affect the LSCR token at all!
Running the latest release of WUD (6.3.0), configuring the MQTT watcher by referencing a file secret from a mounted volume does not work.
Working Scenario
Broken scenario
I verified multiple times that the context of the file matches the password value defined in the ENV var. I have also verified that I am able to
cat
the/secrets/WUD_TRIGGER_MQTT_MOSQUITTO_PASSWORD
file from the running container, and I get the correct value.The password is base64 encoded and has no special characters, so I am not sure what is triggering this other than the
__FILE
variable simply being ignored by the MQTT watcher's code.I also have the
WUD_REGISTRY_LSCR_TOKEN__FILE
var defined, and that one works fine (mounted from the same volume).Here are relevant parts of my compose file for
wud
.