Bad mapping between values.yaml and mariadb?

[neerdoc]

Vanilla installation of the helm chart now works in rancher. Ingress gets picked up with TLS and everything.

However, I did want to change all the passwords in the values.yaml file, and then the setup fails. It seems like there is a mismatch in the mapping of variables somehow.

When I change the two passwords for the database like this:

mariadb:
  architecture: standalone
  auth:
    database: kimai
    password: 'changed?Password1'
    rootPassword: 'myNewRootPass'
    username: kimai

The kimai/kimai2 pod fails with the following error:

Testing DB:** new \PDO(mysql:host=changed?Password1;dbname=changed;port=3306, kimai, , [ \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION ]);*SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Name or service not known (?)Checking DB: 10 

So, as far as I can see, it looks like the mariadb.auth.password variable:

1. Gets mapped to both host and dbname (and not(?) to the password)
2. In the mapping to dbname it also gets truncated at the questionmark.

I double checked the Secrets in kubernetes, and there the passwords are correctly stored, so it should not be a problem with strange characters and/or escaping.

[neerdoc]

Seems like it is an issue with characters and escaping after all! Removing the ? fixes the issue. I also noted that / is a no go for the passwords to the database. It only seems to be an issue for the mariadb.auth.password though. I have special characters in mariadb.auth.rootPassword and in kimaiAdminPassword without any issues.

[robjuz]

I will take a look. Thanks for the report!

W dniu wt., 1.06.2021 o 10:28 Gustav Johansson @.***> napisał(a):

Seems like it is an issue with characters and escaping after all! Removing the ? fixes the issue. I also noted that / is a no go for the passwords to the database. It only seems to be an issue for the mariadb.auth.password though. I have special characters in mariadb.auth.rootPassword and in kimaiAdminPassword without any issues.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/robjuz/helm-charts/issues/2#issuecomment-851935974, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACFLPUFZJV6JNL26WKO3NX3TQSK4HANCNFSM454EMKQA .

[neerdoc]

I've tried to look through this, and I believe that there are two problems.

1. The _helpers.tpl needs to use escape sequences to ensure special characters are rendered correctly.
2. The startup.sh file upstream in the docker container uses the connection of a single long string to mysql instead of using the more stable use of separated arguments. This in turn might depend on the (further upstream) implementation.

So, I don't believe this issue can be entirely fixed without some upstream fixes.

Maybe add information in the values.yaml that only use alphanumeric characters in the password?

[robjuz]

I get yesterday to the same conclusion. I will add a note to the Readme

W dniu śr., 2.06.2021 o 12:04 Gustav Johansson @.***> napisał(a):

I've tried to look through this, and I believe that there are two problems.

1. The _helpers.tpl needs to use escape sequences to ensure special characters are rendered correctly.
2. The startup.sh file upstream https://github.com/tobybatch/kimai2 in the docker container uses the connection of a single long string to mysql instead of using the more stable use of separated arguments. This in turn might depend on the (further upstream https://github.com/kevinpapst/kimai2/) implementation.

So, I don't believe this issue can be entirely fixed without some upstream fixes.

Maybe add information in the values.yaml that only use alphanumeric characters in the password?

— You are receiving this because you commented.

Reply to this email directly, view it on GitHub https://github.com/robjuz/helm-charts/issues/2#issuecomment-852895408, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACFLPUEVPW4CAHELV23OO23TQX62FANCNFSM454EMKQA .