Skip to content

Conversation

amcasey
Copy link
Member

@amcasey amcasey commented Oct 16, 2024

Improve dev-certs export error message

Mention non-existent target directory

Description

During a recent security review of the dev-certs tool, we observed that on export it would create a directory that was potentially world-readable (e.g. based on permissions inherited from the parent directory). We decided it would be more appropriate to let users make the decision of who should have access to the directory. Unfortunately, this removal of functionality broke some app authors' workflows. When dev-certs is run directly, the --verbose output makes it clear what went wrong and what needs to happen, but the non-verbose output that appears when another tool does the export is less helpful. This change introduces a new top-level error state for an export failure caused by a non-existent target directory to make it clearer how to fix broken workflows.

The behavior changed in #57108, which included a backport of #56985, and shipped in 8.0.10.

For #58330

Customer Impact

Development certificate export fails. This is most likely to break scenarios where the app is being developed (or validated in CI) in a container.

Regression?

  • Yes
  • No

8.0.8

Risk

  • High
  • Medium
  • Low

A slightly different string is printed - everything else stays the same.

Verification

  • Manual (required)
  • Automated

Packaging changes reviewed?

  • Yes
  • No
  • N/A

During a recent security review of the dev-certs tool, we observed that on export it would create a directory that was potentially world-readable (e.g. based on permissions inherited from the parent directory).  We decided it would be more appropriate to let users make the decision of who should have access to the directory.  Unfortunately, this removal of functionality broke some app authors' workflows.  When dev-certs is run directly, the `--verbose` output makes it clear what went wrong and what needs to happen, but the non-verbose output that appears when another tool does the export is less helpful.  This change introduces a new top-level error state for an export failure caused by a non-existent target directory to make it clearer how to fix broken workflows.

The behavior changed in dotnet#57108, which included a backport of dotnet#56985, and shipped in 8.0.10.

For dotnet#58330
@ghost ghost added the area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI label Oct 16, 2024
@dotnet-policy-service dotnet-policy-service bot added this to the 8.0.x milestone Oct 16, 2024
@amcasey amcasey added the Servicing-consider Shiproom approval is required for the issue label Oct 16, 2024
@amcasey
Copy link
Member Author

amcasey commented Oct 16, 2024

Per discussion in #58330, the issue was not that the verbose error message - which already mentions the missing directory - was unclear but that upstream tooling might not display the verbose output. I'm a little reluctant to add a new error condition for what is hopefully a point-in-time problem, but the behavior change happened in a patch and I expect this failure mode to be quite common.

@amcasey
Copy link
Member Author

amcasey commented Oct 16, 2024

/backport to release/9.0

Copy link
Contributor

Started backporting to release/9.0: https://github.com/dotnet/aspnetcore/actions/runs/11372697592

@amcasey
Copy link
Member Author

amcasey commented Oct 16, 2024

Personally, I think the 8.0 version of this change is the most important, since the behavior changed patch-to-patch. A change in a major version will be less surprising (even though we don't use semver).

@amcasey amcasey changed the title Improve dev-certs export error message [release/8.0] Improve dev-certs export error message Oct 16, 2024
@amcasey
Copy link
Member Author

amcasey commented Oct 16, 2024

Approved over email

@amcasey amcasey added Servicing-approved Shiproom has approved the issue and removed Servicing-consider Shiproom approval is required for the issue labels Oct 16, 2024
@wtgodbe wtgodbe merged commit b74d4a6 into dotnet:release/8.0 Oct 16, 2024
25 checks passed
@dotnet-policy-service dotnet-policy-service bot modified the milestones: 8.0.x, 8.0.11 Oct 16, 2024
@amcasey amcasey deleted the MkdirError8 branch October 17, 2024 16:25
This was referenced Oct 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area-commandlinetools Includes: Command line tools, dotnet-dev-certs, dotnet-user-jwts, and OpenAPI Servicing-approved Shiproom has approved the issue

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants