Ldaps port cannot be specified via Env Var - potential regression?

Hi,
I made a thread before but I actually realized where the issue is so I removed that and I wanted to make this instead, as kind of a feedback/bug report kind-of thread.
So we had working configuration for RoR version 1.27.1 and ELK at 7.8.1.
We had a working readonlyrest.yml config with ldaps mostly specified via environment variables like this:

ldaps:
    - name: ldap_internal_employees
      host: ${LDAP_INTERNAL_HOST}
      port: ${LDAP_INTERNAL_PORT}
      (...)

After updating our ELK stack, we updated RoR to 1.48.0 and configuration stopped working. RoR would fail on startup with the exception: Server information missing: use 'host' and 'port', 'servers'/'hosts' or 'service_discovery' option. that I believe comes from:

It took me quite a while to figure out that the issue is related to env variables. Environment was properly set(we use docker compose but that doesn’t matter), variables were there and could be seen by readonlyrest.yml, as other variables, used for example in access_control_rules - worked.

So turns out that if ldaps.port is specified via environment variable like in an example above, startup will fail with exception mentioned above, if we hardcode it manually - it works. I believe there’s an issue somewhere with parsing variable to an int that causes this behaviour, and I am fairly sure that it worked in older versions as we did not change configurations for a while(at least not since I work at my current project). We have .env files for docker compose where we would specify

LDAP_INTERNAL_HOST=someserver.ad.somecompany.com
LDAP_INTERNAL_PORT=389
(...)

It might be worth mentioning this behaviour somewhere or fixing parsing of that particular setting.
It’s especially confusing since this example actually uses environment variable in port for ldaps?

It also seems that code and documentation are all over the place when it comes to using environment variables in .yml.
F.e. docs mention ${env:TEST_VAR},
this example uses ${TEST_VAR},
this one has {LDAP1_HOST}
Might be good to mention ‘the right way’ in the docs and/or update older tests/examples.

Hello @lewinskimaciej thank you for contributing to make our product documentation better!

The forum limitations should be removed for you now. You can paste as many links as necessary so we can correct all of them.

We do evolve our syntax slowly in years. And when we do, we normally make sure the backwards compatibility is respected.

In this case we moved to a more explicit ${env:ENV_VAR}, and the latest documentation should all reflect this.

But if the old ${ENV_VAR} syntax stopped working, we have a bug.

@coutoPL WDYT?

Thanks! I’m not sure it’s because of the new syntax though. I checked a lot of combinations and every one failed for me. We moved to hard-coded port(since we use default on all environments anyway) and it seems to work perfectly. Host works with both formats as far as I’ve seen.

Hi Maciej!
Thanks for reporting this. I confirm there is a problem with ENV usage in the LDAP connector “port” field (it works in the case of “host”). I think I know where the problem is. Will try to fix it today evening.

Will let you know.

@lewinskimaciej please try this one: ROR 1.49.0-pre5 for ES 7.8.1

Let us know if it works now

1 Like

Hey, I’ve tested it locally and it seems to work properly :slight_smile: We will update to new version when stable comes out then, for now hardcoded ports are good enough. Thank you!

Great. We are going to release ROR 1.49.0 soon

1 Like