search

mesosphere / marathon-lb

Marathon-lb is a service discovery & load balancing tool for DC/OS
Apache License 2.0
449 stars 300 forks source link

Unable to start if auth-credentials contains % sign #511

Closed patryk-s closed 5 years ago

patryk-s commented 6 years ago

Recent changes (v1.11) to the run script cause issues if the password to marathon contains a % sign. This is caused by printf which would need to have it escaped by doubling it (%%):

$ docker run --rm -e PORTS=9090 mesosphere/marathon-lb:v1.11.1 sse --auth-credentials 'user:passwor%'  
[/marathon-lb /marathon-lb/run] 9090 > /marathon-lb/service/haproxy/env/PORTS
Generating RSA private key, 2048 bit long modulus
....................................................................................................+++
......................................................+++
e is 65537 (0x010001)
Signature ok
subject=CN = *
Getting Private key
[/marathon-lb /marathon-lb/run] Created /marathon-lb/service/lb/run with contents:
/marathon-lb/run: line 7: printf: `\': invalid format character
[/marathon-lb /marathon-lb/run] #!/bin/sh
exec 2>&1
cd /marathon-lb
exec /marathon-lb/marathon_lb.py     --syslog-socket /dev/null     --haproxy-config /marathon-lb/haproxy.cfg     --ssl-certs "/etc/ssl/cert.pem"     --command "sv reload /marathon-lb/service/haproxy"     --sse --auth-credentials user:passwor
stevenlee87 commented 6 years ago

same to you. that's why?

jkoelker commented 5 years ago

This is fixed by https://github.com/mesosphere/marathon-lb/pull/493. To specify the auth-credentials, now setting the ENV vars is the appropriate way:

$ docker run -e MARATHON_USER='usernam' -e MARATHON_PASSWORD='passw%' --net=host jkoelker/jkoelker-marathon-lb-dev:7d4607dd7327 sse --group external
Unable to find image 'jkoelker/jkoelker-marathon-lb-dev:7d4607dd7327' locally
7d4607dd7327: Pulling from jkoelker/jkoelker-marathon-lb-dev
bac5159b230a: Pull complete
45a9db5cdbdd: Pull complete
1990c8d03186: Pull complete
2ef0edfb1eb1: Pull complete
f8c91c778356: Pull complete
0935ae6da9a0: Pull complete
Digest: sha256:24f1bbad3bcb7e1367125f305d8b99cb40ffb17c98ae09e4bae6c08b5c1b26a4
Status: Downloaded newer image for jkoelker/jkoelker-marathon-lb-dev:7d4607dd7327
[/marathon-lb /marathon-lb/run] 2020,2021 > /marathon-lb/service/haproxy/env/PORTS
Generating RSA private key, 2048 bit long modulus (2 primes)
...................................................................+++++
.........................................................+++++
e is 65537 (0x010001)
Signature ok
subject=CN = *
Getting Private key
[/marathon-lb /marathon-lb/run] Created /marathon-lb/service/lb/run with contents:
[/marathon-lb /marathon-lb/run] #!/bin/sh
exec 2>&1
sv status /marathon-lb/service/haproxy || exit 1
cd /marathon-lb
exec /marathon-lb/marathon_lb.py     --syslog-socket /dev/null     --haproxy-config /marathon-lb/haproxy.cfg     --ssl-certs "/etc/ssl/cert.pem"     --command "/marathon-lb/reload_haproxy.sh"     --sse --auth
-credentials usernam:passw 0roup external
run: /marathon-lb/service/haproxy: (pid 25) 0s
[ALERT] 083/202049 (25) : Cannot open configuration file/directory /marathon-lb/haproxy.cfg : No such file or directory