Open smparekh opened 1 year ago
Hi @smparekh , would you be able to share the list of environment variables (redacted values) set in your container.
here is an excerpt from our task definition
"environment": [
{
"name": "HASURA_GRAPHQL_ENABLE_REMOTE_SCHEMA_PERMISSIONS",
"value": "true"
},
{
"name": "HASURA_GRAPHQL_ENABLED_APIS",
"value": "metadata,graphql,pgdump,developer"
}
],
"secrets": [
{
"valueFrom": "arn:aws-us-gov:ssm:$AWS_REGION:$AWS_ACCOUNT_ID:parameter/REDACTED",
"name": "HASURA_GRAPHQL_DATABASE_URL"
},
{
"valueFrom": "arn:aws-us-gov:ssm:$AWS_REGION:$AWS_ACCOUNT_ID:parameter/REDACTED",
"name": "HASURA_GRAPHQL_JWT_SECRET"
},
{
"valueFrom": "arn:aws-us-gov:ssm:$AWS_REGION:$AWS_ACCOUNT_ID:parameter/REDACTED",
"name": "HASURA_GRAPHQL_ADMIN_SECRET"
}
],
This is not expected if admin secret is set. Based on the logs it seems that secret is set fine. Is it something that started happening recently (was it was working fine earlier?).
yes, i noticed it happening when i upgraded from v2.11.1 to v2.14.0
We have the same issue in v2.15
We have identified root cause of the issue. Please wait for an update for the fix.
Version Information
Server Version: CLI Version (for CLI related issue): v2.14.0
Environment
OSS
What is the current behaviour?
UI shows a little icon on the header indicating a warning with this text:
This graphql endpoint is public and you should add an admin-secretThis graphql endpoint is public and you should add an admin-secret
What is the expected behaviour?
No warning as the admin secret is set (see logs).
Screenshots or Screencast
Please provide any traces or logs that could help here.
Any possible solutions/workarounds you're aware of?
Possible reason is how detection is done, the container is running in ECS and the access key is set via a secret.
Keywords
admin secret