If you pulled the openknowledge/ckan-base or openknowledge/ckan-dev images on or after 2023-01-30 you will notice that two things happen:
Existing login sessions will be closed, forcing users to re-login
Existing API Tokens will no longer work
This is because due to CVE-2023-22746, changes were made to the images to ensure a unique session secret key was used when creating a container, to avoid sharing the same key across instances. As a new key will be used, old API Tokens will no longer work and will need to be re-generated.
To avoid this in the future make sure to persist the various secret keys in your .env file with the rest of your secrets:
If you pulled the
openknowledge/ckan-baseoropenknowledge/ckan-devimages on or after 2023-01-30 you will notice that two things happen:This is because due to CVE-2023-22746, changes were made to the images to ensure a unique session secret key was used when creating a container, to avoid sharing the same key across instances. As a new key will be used, old API Tokens will no longer work and will need to be re-generated.
To avoid this in the future make sure to persist the various secret keys in your
.envfile with the rest of your secrets:https://github.com/okfn/docker-ckan/blob/4746d8cc9d1a6ecb0c209cdf501b8d0f4f3cd224/.env.example#L9-L12
If you had your secrets defined in the
.envfile as above you won't be affected by this change (i.e. your API Tokens will keep working as expected)