Error: open("packages/api/.strapi-updater.json"): Permission denied

Willibaur · November 19, 2020, 8:53pm

System Information

Strapi Version: 3.3.3
Operating System: Linux Arch & MacOS
Database: Postgres 13.0
Node Version: 14.15.0
NPM Version: 6.14.8
Yarn Version: 1.22.5

Every time I spin my app via docker-compose up Strapi generates a file called .strapi-updater.json with no w/r permissions, this causes an error on Github

error: open("packages/api/.strapi-updater.json"): Permission denied
error: unable to index file 'packages/api/.strapi-updater.json'
fatal: updating files failed

This is the content of that file

{
   "latest": "3.3.3",
   "lastUpdateCheck": 1605818629615
}

I’ve tried modifying the permissions to the file, but Strapi regenerates it and modifies rights on every spin process of my container.

Any other file created/updated by the container like collections or data types can be accessed and pushed easily by git.

Also, I’ve noticed that Sprapi image only allows DATABASE_CLIENT to be part of my secrets, all other env vars break the app when I try to use them with secrets

are these known issues?

Thanks, my docker-compose file

docker-compose.yml

version: '3.8'
services:
  strapi:
    image: strapi/strapi:3.3.3
    depends_on:
      - postgres
    ports:
      - '1337:1337'
    environment:
      DATABASE_CLIENT: /run/secrets/database_client
      DATABASE_NAME: postgres
      DATABASE_HOST: db
      DATABASE_PORT: 5432
      DATABASE_USERNAME: postgres
      DATABASE_PASSWORD: postgres
    secrets:
      - database_client
      - database_host
      - database_name
      - database_password
      - database_port
      - database_username
    volumes:
      - ./packages/api:/srv/app

  postgres:
    image: postgres:13.0
    environment:
      POSTGRES_DB: /run/secrets/postgres_db
      POSTGRES_PASSWORD: /run/secrets/postgres_password
      POSTGRES_USER: /run/secrets/postgres_user
    secrets:
      - postgres_db
      - postgres_password
      - postgres_user
    volumes:
      - strapi_data:/var/lib/postgresql/data

volumes:
  strapi_data:
    external: true

secrets:
  database_client:
    file: ./secrets/development/database_client.txt
  database_host:
    file: ./secrets/development/database_host.txt
  database_name:
    file: ./secrets/development/database_name.txt
  database_password:
    file: ./secrets/development/database_password.txt
  database_port:
    file: ./secrets/development/database_port.txt
  database_username:
    file: ./secrets/development/database_username.txt
  postgres_db:
    file: ./secrets/development/postgres_db.txt
  postgres_password:
    file: ./secrets/development/postgres_password.txt
  postgres_user:
    file: ./secrets/development/postgres_user.txt

Willibaur · November 19, 2020, 9:22pm

I managed to ignore .strapi-updater.json within my .gitignore by doing

removing the file locally
clearing git cache with git rm -r --cached .
git add .
add the file to gitignore
commit the change

Now, every time the container generates the file, it’s being ignored.
Although this is a good solution, it’s not ideal as I might need to do this for every new repo I create if I miss to create my gitignore file beforehand.

DMehaffy · November 19, 2020, 9:38pm

@Pierre_Noel another one for you, is this something we really need in git or can we dump this in the exports folder so it’s just automatically ignored?

Pierre_Noel · November 20, 2020, 11:11am

You are right, I’ll update the .gitignore !

DMehaffy · November 20, 2020, 2:12pm

PR:

https://github.com/strapi/strapi/pull/8707