Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add docs for mysql caching_sha2_password default #550

Merged
merged 1 commit into from
Dec 23, 2021
Merged

Add docs for mysql caching_sha2_password default #550

merged 1 commit into from
Dec 23, 2021

Conversation

huwd
Copy link
Member

@huwd huwd commented Dec 17, 2021
edited

This stumped me for a couple of days.

Since the mysql 8.0 update I had been unable to make whitehall seeing errors when i tried to run: govuk-docker run whitehall-lite bundle exec rails db:prepare.

The stack trace was as follows:

ActiveRecord::ConnectionNotEstablished: Plugin caching_sha2_password could not be loaded: /usr/lib/x86_64-linux-gnu/mariadb19/plugin/caching_sha2_password.so: cannot open shared object file: No such file or dire
ctory                                                                                                                                                                                                              
/govuk/whitehall/app/models/edition/translatable.rb:19:in `block in <module:Translatable>'                                                                                                                         
/govuk/whitehall/app/models/edition.rb:23:in `include'                                                                                                                                                             
/govuk/whitehall/app/models/edition.rb:23:in `<class:Edition>'                                                                                                                                                     
/govuk/whitehall/app/models/edition.rb:3:in `<main>'                                                                                                                                                               
/govuk/whitehall/app/models/publicationesque.rb:9:in `<main>'                                                                                                                                                      
/govuk/whitehall/app/models/publication.rb:8:in `<main>'                                                                                                                                                           
/govuk/whitehall/app/helpers/admin/edition_routes_helper.rb:4:in `<module:EditionRoutesHelper>'                                                                                                                    
/govuk/whitehall/app/helpers/admin/edition_routes_helper.rb:1:in `<main>'                                                                                                                                          
/govuk/whitehall/config/initializers/teaspoon.rb:2:in `<main>'                                                                                                                                                     
/govuk/whitehall/config/environment.rb:5:in `<main>'                                                                                                                                                               
                                                                                                                                                                                                                   
Caused by:                                                                                                                                                                                                         
Mysql2::Error::ConnectionError: Plugin caching_sha2_password could not be loaded: /usr/lib/x86_64-linux-gnu/mariadb19/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory   
/govuk/whitehall/app/models/edition/translatable.rb:19:in `block in <module:Translatable>'                                                                                                                         
/govuk/whitehall/app/models/edition.rb:23:in `include'                                                                                                                                                             
/govuk/whitehall/app/models/edition.rb:23:in `<class:Edition>'                                                                                                                                                     
/govuk/whitehall/app/models/edition.rb:3:in `<main>'                                                                                                                                                               
/govuk/whitehall/app/models/publicationesque.rb:9:in `<main>'                                                                                                                                                      
/govuk/whitehall/app/models/publication.rb:8:in `<main>'                                                                                                                                                           
/govuk/whitehall/app/helpers/admin/edition_routes_helper.rb:4:in `<module:EditionRoutesHelper>'                                                                                                                    
/govuk/whitehall/app/helpers/admin/edition_routes_helper.rb:1:in `<main>'                                                                                                                                          
/govuk/whitehall/config/initializers/teaspoon.rb:2:in `<main>'                                                                                                                                                     
/govuk/whitehall/config/environment.rb:5:in `<main>'                                                                                                                                                               
Tasks: TOP => db:prepare => db:load_config => environment                                                                                                                                                          
(See full trace by running task with --trace)

This seems to be related to a change in MySQL password default config in v8.
This documents a solution, (with massive thanks to @ChrisBAshton and @brucebolt)

We may want to find a more sustainable solution as part of the MySQL docker setup.
I have created an issue here for that.

@huwd huwd mentioned this pull request Dec 17, 2021
Open
alex9smith
alex9smith approved these changes Dec 20, 2021
View reviewed changes
Copy link
Member

@alex9smith alex9smith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, one non-blocking request

docs/troubleshooting.md Outdated Show resolved Hide resolved
ChrisBAshton
ChrisBAshton reviewed Dec 20, 2021
View reviewed changes
Copy link
Contributor

@ChrisBAshton ChrisBAshton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for getting this documented!

I'm not sure it needs quite such a detailed introduction (perhaps some of the context can be added to the commit message itself, rather than the doc), as most devs will just want to dive in and copy and paste the fixes. But happy to leave it in if it's useful 👍

docs/troubleshooting.md Outdated Show resolved Hide resolved
docs/troubleshooting.md Outdated Show resolved Hide resolved
docs/troubleshooting.md Outdated Show resolved Hide resolved
@huwd
Copy link
Member Author

huwd commented Dec 20, 2021

Great thanks both, will get those amended today

@huwd huwd requested a review from alex9smith December 22, 2021 10:43
ChrisBAshton
ChrisBAshton approved these changes Dec 22, 2021
View reviewed changes
Copy link
Contributor

@ChrisBAshton ChrisBAshton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍 one non-blocking comment if you fancy addressing before merging. Shouldn't need a re-review from me.

docs/troubleshooting.md Outdated Show resolved Hide resolved
@huwd
Add docs for mysql caching_sha2_password default
2ebace2 
In December 2021 we began work to update our database versions.  One
target of this work was to upgrade from MySQL v5.5 to v8.  For example
[see whitehall here](#546)

MySQL 8.0 contains a plugin "[Caching SHA-2 Pluggable
Authentication](https://dev.mysql.com/doc/refman/8.0/en/caching-sha2-pluggable-authentication.html)"
that implements SHA-256 hashing for user account passwords.

In MySQL 8.0 `caching_sha2_password` was made the default over the
previous `mysql_native_password`.

`caching_sha2_password` requires a secure connection or an unencrypted
connection that supports password exchange using an RSA key pair, which
`govuk-docker` is not currently set up to provide.
@huwd huwd merged commit bc23571 into main Dec 23, 2021
@huwd huwd deleted the add-to-troubleshooting branch December 23, 2021 12:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChrisBAshton ChrisBAshton ChrisBAshton approved these changes

@brucebolt brucebolt Awaiting requested review from brucebolt

@hannako hannako Awaiting requested review from hannako

@alex9smith alex9smith Awaiting requested review from alex9smith

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@huwd @ChrisBAshton @alex9smith