Skip to content

Fix misleading error when _FILE secret is not readable #9622

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kon-foo wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fix misleading error when _FILE secret is not readable #9622

kon-foo wants to merge 2 commits into from
+4 −0

Conversation

@kon-foo
Copy link

@kon-foo kon-foo commented Feb 9, 2026
edited by coderabbitai bot
Loading

Problem

When a *_FILE environment variable (e.g. PGADMIN_DEFAULT_PASSWORD_FILE) points to a file that doesn't exist or isn't readable, the file_env() function silently reads an empty string, exports the base variable as empty, and then unsets the _FILE variable.

This causes the downstream validation to produce a misleading error:

You need to define the PGADMIN_DEFAULT_EMAIL and PGADMIN_DEFAULT_PASSWORD or
PGADMIN_DEFAULT_PASSWORD_FILE environment variables.

...even though PGADMIN_DEFAULT_PASSWORD_FILE was correctly set. This is a common scenario when using Docker secrets with incorrect mount paths or file permissions.

Proposed Fix

Add an explicit check for file readability before attempting to read it. If it fails, issue an clear error message and exit immidiately.

	elif [ "${!fileVar:-}" ] && [ ! -r "${!fileVar}" ]; then
		printf >&2 'error: %s is set to "%s" but the file does not exist or is not readable\n' \
			"$fileVar" "${!fileVar}"
		exit 1

Performed Tests

Scenario Test Result
_FILE set, file exists & readable ✅ Works
_FILE set, file doesn't exist ✅ new,clear error message
_FILE set, file exists but not readable ✅ new, clear error message
_FILE not set, base var set ✅ Works
Neither set ✅ clear error message (same as before
Both set ✅ clear error message (same as before

To reproduce the tests

  1. Build the Docker Image, e.g. docker build -t pgadmin-better-error:1 .
  2. Create Password Files
echo "wontwork" | sudo tee password-wrong-permissions >/dev/null && sudo chown root:root password-wrong-permissions && sudo chmod 600 password-wrong-permissions
echo "pwfromfile" | sudo tee password-right-permissions >/dev/null && sudo chown 5050:5050 password-right-permissions && sudo chmod 600 password-right-permissions
  1. Use this compose file to test different secnarios:
services:
  pgadmin:
    image: pgadmin-better-error:1
    container_name: pgadmin
    secrets:
      - password-wrong-permissions
      - password-right-permissions
    ports:
      - 8080:80
    environment:
      - PGADMIN_DEFAULT_PASSWORD_FILE=/run/secrets/password-wrong-permissions
      # - PGADMIN_DEFAULT_PASSWORD_FILE=/run/secrets/password-non-existing
      # - PGADMIN_DEFAULT_PASSWORD_FILE=/run/secrets/password-right-permissions
      # - PGADMIN_DEFAULT_PASSWORD=pwfromenvvar
      - PGADMIN_DEFAULT_EMAIL=example@pgadmin.org

secrets:
  password-wrong-permissions:
    file: ./password-wrong-permissions
  password-right-permissions:
    file: ./password-right-permissions

Summary by CodeRabbit

  • Bug Fixes
    • Improved Docker startup validation: the system now detects when an environment-variable configuration file is missing or unreadable, reports a clear error message, and exits to prevent misconfiguration.
    • Retains existing checks to prevent simultaneous use of both an environment variable and its corresponding file-based value.

@coderabbitai
Copy link

coderabbitai bot commented Feb 9, 2026
edited
Loading

Walkthrough

Adds file-existence and readability validation to the file_env function in the Docker entrypoint script; if a VAR_FILE is set but the referenced file is missing or unreadable, the script prints an error and exits with status 1.

Changes

Cohort / File(s) Summary
Error Handling
pkg/docker/entrypoint.sh		 Adds a branch in file_env to detect when a VAR_FILE is set but the target file is missing or not readable; prints an error and exits with code 1. Preserves existing mutual-exclusivity check between VAR and VAR_FILE.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and accurately summarizes the main change: adding error handling to detect and report when a _FILE secret variable points to a non-existent or unreadable file, directly addressing the problem described in the PR objectives.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

No actionable comments were generated in the recent review. 🎉

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kon-foo