[bug]: post profile picture to external MinIO works but photo doesn't actually show on plane

[ktw1016]

Is there an existing issue for this?

• [X] I have searched the existing issues

Current behavior

On Plane profile settings, I upload a picture (200kb) successfully which actually does post to the external MinIO instance. However, the posted picture doesn't actually get displayed on Plane. Instead, it's just a picture with my name on it on black background

This is the logs from plane-api pod: 10.163.65.138:50680 - "POST /api/users/file-assets/ HTTP/1.1" 201 10.163.65.138:50680 - "PATCH /api/users/me/ HTTP/1.1" 200 10.163.118.21:48050 - "GET / HTTP/1.1" 200 10.163.118.21:38720 - "GET / HTTP/1.1" 200 ERROR 2024-07-08 17:48:17,385 exception_logger 28 139936386587448 An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records. ERROR 2024-07-08 17:48:17,389 log 28 139936401681208 Internal Server Error: /api/project-covers/ 10.163.65.138:49630 - "GET /api/project-covers/ HTTP/1.1" 500 10.163.118.21:55854 - "GET / HTTP/1.1" 200 10.163.118.21:35968 - "GET / HTTP/1.1" 200 10.163.118.21:52102 - "GET / HTTP/1.1" 200 10.163.118.21:48392 - "GET / HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/instances/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/users/me/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/users/me/profile/ HTTP/1.1" 200 10.163.65.138:44498 - "GET /api/users/me/settings/ HTTP/1.1" 200 10.163.66.155:37790 - "GET /api/users/me/workspaces/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/unsplash/?query= HTTP/1.1" 200

Steps to reproduce

1. Self-host plane with local_setup: false and set env.aws_access_key env.aws_secret_access_key env.aws_region aws_s3_endpoint_url
2. On Plane, go to profile settings
3. Click profile picture
4. Upload a picture and click "Upload & Save"
5. Picture gets successfully uploaded to the external minio instance
6. On Plane, uploaded picture is not displayed, instead just default photo with a name on it is shown (as shown on the screenshot above)

Environment

Production

Browser

Mozilla Firefox and Chrome

Variant

Self-hosted

Version

plane-ce-1.0.19 (helm chart)

[pablohashescobar]

@ktw1016, in the logs you can see the error

ERROR 2024-07-08 17:48:17,385 exception_logger 28 139936386587448 An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records.

Can you check if you AWS access key id is correct.

[ktw1016]

Can you check if you AWS access key id is correct.

@pablohashescobar hello, yes, as I mentioned, plane is posting a photo successfully to minio. The keys are correct and would have to be correct to be able to post. And it's an admin keys (full permissions to our S3 instance)

[pablohashescobar]

Can you check if your s3 configuration is set accordingly

* Block all public access - Off
* Bucket Policy
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket_name>/*"
        }
    ]
}
* Object Ownership - Bucket Owner Prefered
* ACL
    * Bucket owner:
        1. Objects - list, write
        2. Bucket ACL - read, write
    * Everyone (Public Access):
        1. Objects - None
        2. Bucket ACL - read

[ktw1016]

Can you check if your s3 configuration is set accordingly

* Block all public access - Off
* Bucket Policy
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket_name>/*"
        }
    ]
}
* Object Ownership - Bucket Owner Prefered
* ACL
    * Bucket owner:
        1. Objects - list, write
        2. Bucket ACL - read, write
    * Everyone (Public Access):
        1. Objects - None
        2. Bucket ACL - read

Yes, the supplied key has permissions to list objects, get objects