[go: up one dir, main page]

mailroom chart does not support external redis with password disabled

Summary

I've deployed gitlab to kubernetes using the gitlab chart and am using an external redis server which does not use password authentication. I'm now attempting to configure incoming email but the mailroom POD comes up with an error of /var/opt/gitlab/mail_room.yml:14:in read': No such file or directory @ rb_sysopen - /etc/gitlab/redis/password (Errno::ENOENT)`

Steps to reproduce

Configure your gitlab helm chart release with external redis as follows:

global:
  redis:
    host: 10.0.0.1
    password:
      enabled: false

Also configure

global:
  appConfig:
    incomingEmail:
    ...

What is the current bug behavior?

The mailroom POD will fail to run with the following log output in /var/log/gitlab/mail_room.log

/var/opt/gitlab/mail_room.yml:14:in `read': No such file or directory @ rb_sysopen - /etc/gitlab/redis/password (Errno::ENOENT)
	from /var/opt/gitlab/mail_room.yml:14:in `<main>'
	from /usr/lib/ruby/2.4.0/erb.rb:896:in `eval'
	from /usr/lib/ruby/2.4.0/erb.rb:896:in `result'
	from /usr/lib/ruby/gems/2.4.0/gems/mail_room-0.9.1/lib/mail_room/configuration.rb:18:in `initialize'
	from /usr/lib/ruby/gems/2.4.0/gems/mail_room-0.9.1/lib/mail_room/cli.rb:38:in `new'
	from /usr/lib/ruby/gems/2.4.0/gems/mail_room-0.9.1/lib/mail_room/cli.rb:38:in `initialize'
	from /usr/lib/ruby/gems/2.4.0/gems/mail_room-0.9.1/bin/mail_room:5:in `new'
	from /usr/lib/ruby/gems/2.4.0/gems/mail_room-0.9.1/bin/mail_room:5:in `<top (required)>'
	from /usr/bin/mail_room:23:in `load'
	from /usr/bin/mail_room:23:in `<main>'

And indeed if I look /var/opt/gitlab/mail_room.yml the line for redis is: :redis_url: redis://:<%= File.read("/etc/gitlab/redis/password") %>@10.0.0.1:6379

So I checked out https://gitlab.com/charts/gitlab/blob/master/charts/gitlab/charts/mailroom/templates/configmap.yaml and the problem is that line 26 does not check whether the password option for redis is enabled.

What is the expected correct behavior?

I would expect that mail_room.yml would only include the redis password section if password is enabled using something similar to what's used in other configmaps such as {{- if .Values.global.redis.password.enabled }}

Edited by Arthur Wiebe