Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Kestrel section to appsettings and remove other URL settings #162

Merged
merged 2 commits into from
Jan 10, 2023
Merged

Add Kestrel section to appsettings and remove other URL settings #162

merged 2 commits into from
Jan 10, 2023

Conversation

tjololo
Copy link
Member

@tjololo tjololo commented Jan 9, 2023
edited
Loading

Reverts #155

removing Kestrel section from appsettings.json results in applications trying to start on port 80 once deployed.
Ports below 1024 are marked as privileged on linux and non-root users are not allowed to bind to these ports leading to application crash on startup

Add config in appsettings back and remove applicationUrl from launchSettings and remove value of ASPNETCORE_URLS in docker image to remove warning both locally and in docker

Fixes #163

@tjololo tjololo requested a review from RonnyB71 January 9, 2023 14:34
@tjololo tjololo mentioned this pull request Jan 9, 2023
Closed
@tjololo tjololo changed the title Revert "Remove warning because of double specification of applicationUrl" Add Kestrel section to appsettings and remove other URL settings Jan 9, 2023
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 9, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@ivarne
Copy link
Member

ivarne commented Jan 9, 2023

Nice! I guess the restarts wasn’t because of port 80 being privileged, but because the health check running on 5005 killed it.

I think the correct approach would be to override ASPNETCORE_URLS in the cluster, but that is a really minor point.

@tjololo
Copy link
Member Author

tjololo commented Jan 9, 2023

It was an actual privilege problem, first part of the error thrown at startup:

Unhandled exception. System.Net.Sockets.SocketException (13): Permission denied
   at System.Net.Sockets.Socket.UpdateStatusAfterSocketErrorAndThrowException(SocketError error, String callerName)
   at System.Net.Sockets.Socket.DoBind(EndPoint endPointSnapshot, SocketAddress socketAddress)
   at System.Net.Sockets.Socket.Bind(EndPoint localEP)

The health check would be the next to fail if we granted the container more privileges than we need (bind to privileged ports).
By keeping the configuration in appsettings.json we do not force the app developer to run their app on 5005 if they for some reason don't want too without us needing to check if they have overridden the port in appsettings or in some other manor, as they can change de port in the kubernetes helm-chart if they want to

RonnyB71
RonnyB71 approved these changes Jan 10, 2023
View reviewed changes
Copy link
Member

@RonnyB71 RonnyB71 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🕹️

@tjololo tjololo merged commit a3611d2 into main Jan 10, 2023
@tjololo tjololo deleted the revert-155-patch-2 branch January 10, 2023 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RonnyB71 RonnyB71 RonnyB71 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Team Apps
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Fix crash on startup and remove Kestrel warning when application starts
3 participants
@tjololo @ivarne @RonnyB71