Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot upload logos on bare metal kubernetes #91

Open
davidleechen opened this issue Feb 16, 2024 · 3 comments
Open

Cannot upload logos on bare metal kubernetes #91

davidleechen opened this issue Feb 16, 2024 · 3 comments

Comments

@davidleechen
Copy link

OpenProject 13.3.0 running helm chart 4.5.0, upgrading from 13.0.7 and unknown helm chart version prior.

We have a bare metal kubernetes cluster and it seems #38 changed the way tmp and its new volumes are mounted. It looks like there is a "sort of" workaround where develop: true changes the way those volumes are mounted, and it does seem to work, albeit we have errors about HTTPS since that also is bundled together.

The logging error is below, while attempting to upload a logo in the admin/design page.

# /usr/local/lib/ruby/3.2.0/tmpdir.rb:34:in `block in tmpdir': system temporary path is world-writable: /tmp (StructuredWarnings::StandardWarning)
# /usr/local/lib/ruby/3.2.0/tmpdir.rb:34:in `block in tmpdir': /tmp is world-writable: /tmp (StructuredWarnings::StandardWarning)
# 2024-02-16 18:18:26 +0000 Rack app ("POST /admin/design" - (ipaddress)): #<Errno::EROFS: Read-only file system @ rb_sysopen - /app/RackMultipart20240216-12-lup1dp.svg>

A further note, it's misleading to have tmp volumes while persistence.enabled: false. I went back to read the values comments and it does say "data directory" but I did not immediately make any connections here.

A secondary note, we have s3 turned on with direct upload, why does this even need to go to a tmp dir? Maybe the real fix here is to convert the rest of the custom design stuff to also use direct upload.

Thanks!
@mies-itq
Copy link

mies-itq commented Jun 2, 2024

Same issue over here! With uploading files and addding and editing Wiki pages.

@maximemoreillon
Copy link

maximemoreillon commented Jun 21, 2024
edited
Loading

Same problem here with version 5.2.0 of the Helm chart, i.e. OpenProject v14.
This applies to any file upload.

@davidleechen thanks a lot for pointing out that develop: true provides a workaround the issue! I am looking forward to a proper solution being found

@rmoreas
Copy link

rmoreas commented Oct 5, 2024

Another workaround is setting useTmpVolumes and containerSecurityContext.readOnlyRootFilesystem to false,
what is also not optimal, but this will leave the use of https enabled.

Another workaround is given at https://community.openproject.org/topics/18660?r=18660, but this would require patching
of the deployment since the helm chart doesn't provide values to add init containers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@davidleechen @rmoreas @maximemoreillon @mies-itq