trailing whitespace in NGINX_LOCAL_RESOLVERS output

lockejan commented 3 months ago

Describe the bug

When triggering the entrypoint script 15-local-resolver.envsh, it will always include a trailing whitespace in the env. In my nginx template I use "${NGINX_LOCAL_RESOLVERS}" as a placeholder. I usually use double quotes to prevent globbing and word splitting as described by SC2086.
After envsubst replaced the placeholder it will always contain the trailing whitespace. This causes nginx to crash because it can't resolve the host "127.0.0.11 ".

app | 2024/08/01 13:41:25 [emerg] 1#1: host not found in resolver "127.0.0.11 " in /etc/nginx/conf.d/nginx.conf:11 app | nginx: [emerg] host not found in resolver "127.0.0.11 " in /etc/nginx/conf.d/nginx.conf:11

Even though SC2086 might not be applicable to sh and getting rid of the quotation marks would be sufficient as well, I couldn't find a single reason why this could be on purpose.

To reproduce

Steps to reproduce the behavior:

Create a template with containing "${NGINX_LOCAL_RESOLVERS}"
enabling local resolver by passing NGINX_ENTRYPOINT_LOCAL_RESOLVERS=1 to container env
View output/logs/configuration of container

Expected behavior

NGINX_LOCAL_RESOLVERS being set without trailing whitespaces. E.g. "127.0.0.11" not "127.0.0.11 ".

Your environment

Version of Docker and method of installation

λ docker version Client: Version: 26.1.4 API version: 1.45 Go version: go1.21.11 Git commit: 5650f9b Built: Wed Jun 5 11:26:02 2024 OS/Arch: darwin/arm64 Context: desktop-linux

Server: Docker Desktop 4.31.0 (153195) Engine: Version: 26.1.4 API version: 1.45 (minimum version 1.24) Go version: go1.21.11 Git commit: de5c9cf Built: Wed Jun 5 11:29:12 2024 OS/Arch: linux/arm64 Experimental: false containerd: Version: 1.6.33 GitCommit: d2d58213f83a351ca8f528a95fbd145f5654e957 runc: Version: 1.1.12 GitCommit: v1.1.12-0-g51d5e94 docker-init: Version: 0.19.0 GitCommit: de40ad0

Version/tag of the NGINX Unprivileged Docker image:

nginxinc/nginx-unprivileged:mainline-alpine-slim
Target deployment environment/platform:

Docker compose + Kubernetes

Additional context

Add any other context about the problem here.

thresheek commented 3 months ago

Hey @lockejan! Thanks for bringing this to our attention.

Can you show the /etc/resolv.conf from the container so we could reproduce?

lockejan commented 3 months ago

Hey @lockejan! Thanks for bringing this to our attention.

Can you show the /etc/resolv.conf from the container so we could reproduce?

/ $ cat /etc/resolv.conf
# Generated by Docker Engine.
# This file can be edited; Docker Engine will not make further changes once it
# has been modified.

nameserver 127.0.0.11
options ndots:0

# Based on host file: '/etc/resolv.conf' (internal resolver)
# ExtServers: [192.168.65.7]
# Overrides: []
# Option ndots from: internal

I figured it's because of ORS option in the awk command. NGINX_LOCAL_RESOLVERS=$(awk 'BEGIN{ORS=" "} $1=="nameserver" {if ($2 ~ ":") {print "["$2"]"} else {print $2}}' /etc/resolv.conf) https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/entrypoint/15-local-resolvers.envsh#L11

If ORS=" " is changed to ORS="" it won't produce a trailing whitespace.

I was just about to create a PR, but as this project is a mirror I wasn't sure in which repo to open it.

alessfg commented 3 months ago

https://github.com/nginxinc/docker-nginx would be best!

alessfg commented 3 months ago

Yup! I will get to it once I have some spare time :)

alessfg commented 1 month ago

Should have been fixed in https://github.com/nginxinc/docker-nginx-unprivileged/pull/238!

nginxinc / docker-nginx-unprivileged