plane icon indicating copy to clipboard operation
plane copied to clipboard
Published 2 days ago verified publisher icon makeplane

[bug]: post profile picture to external MinIO works but photo doesn't actually show on plane

Open ktw1016 opened this issue 1 year ago • 7 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Current behavior

On Plane profile settings, I upload a picture (200kb) successfully which actually does post to the external MinIO instance. However, the posted picture doesn't actually get displayed on Plane. Instead, it's just a picture with my name on it on black background Screenshot 2024-07-08 135805

This is the logs from plane-api pod: 10.163.65.138:50680 - "POST /api/users/file-assets/ HTTP/1.1" 201 10.163.65.138:50680 - "PATCH /api/users/me/ HTTP/1.1" 200 10.163.118.21:48050 - "GET / HTTP/1.1" 200 10.163.118.21:38720 - "GET / HTTP/1.1" 200 ERROR 2024-07-08 17:48:17,385 exception_logger 28 139936386587448 An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records. ERROR 2024-07-08 17:48:17,389 log 28 139936401681208 Internal Server Error: /api/project-covers/ 10.163.65.138:49630 - "GET /api/project-covers/ HTTP/1.1" 500 10.163.118.21:55854 - "GET / HTTP/1.1" 200 10.163.118.21:35968 - "GET / HTTP/1.1" 200 10.163.118.21:52102 - "GET / HTTP/1.1" 200 10.163.118.21:48392 - "GET / HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/instances/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/users/me/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/users/me/profile/ HTTP/1.1" 200 10.163.65.138:44498 - "GET /api/users/me/settings/ HTTP/1.1" 200 10.163.66.155:37790 - "GET /api/users/me/workspaces/ HTTP/1.1" 200 10.163.65.138:44486 - "GET /api/unsplash/?query= HTTP/1.1" 200

Steps to reproduce

  1. Self-host plane with local_setup: false and set env.aws_access_key env.aws_secret_access_key env.aws_region aws_s3_endpoint_url
  2. On Plane, go to profile settings
  3. Click profile picture
  4. Upload a picture and click "Upload & Save"
  5. Picture gets successfully uploaded to the external minio instance
  6. On Plane, uploaded picture is not displayed, instead just default photo with a name on it is shown (as shown on the screenshot above)

Environment

Production

Browser

Mozilla Firefox and Chrome

Variant

Self-hosted

Version

plane-ce-1.0.19 (helm chart)

ktw1016 avatar Jul 08 '24 18:07 ktw1016

@ktw1016, in the logs you can see the error

ERROR 2024-07-08 17:48:17,385 exception_logger 28 139936386587448 An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records.

Can you check if you AWS access key id is correct.

pablohashescobar avatar Jul 09 '24 03:07 pablohashescobar

Can you check if you AWS access key id is correct.

@pablohashescobar hello, yes, as I mentioned, plane is posting a photo successfully to minio. The keys are correct and would have to be correct to be able to post. And it's an admin keys (full permissions to our S3 instance)

ktw1016 avatar Jul 09 '24 04:07 ktw1016

Can you check if your s3 configuration is set accordingly

* Block all public access - Off
* Bucket Policy
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket_name>/*"
        }
    ]
}
* Object Ownership - Bucket Owner Prefered
* ACL
    * Bucket owner:
        1. Objects - list, write
        2. Bucket ACL - read, write
    * Everyone (Public Access):
        1. Objects - None
        2. Bucket ACL - read

pablohashescobar avatar Jul 09 '24 06:07 pablohashescobar

Can you check if your s3 configuration is set accordingly

* Block all public access - Off
* Bucket Policy
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::<bucket_name>/*"
        }
    ]
}
* Object Ownership - Bucket Owner Prefered
* ACL
    * Bucket owner:
        1. Objects - list, write
        2. Bucket ACL - read, write
    * Everyone (Public Access):
        1. Objects - None
        2. Bucket ACL - read

Yes, the supplied key has permissions to list objects, get objects

ktw1016 avatar Jul 09 '24 14:07 ktw1016

Same issue here, I think this section just needs to be modified to use the proper value:

image

https://artifacthub.io/packages/helm/makeplane/plane-ce/1.0.19?modal=template&template=config-secrets/doc-strore.yaml

Perhaps something like:

AWS_S3_ENDPOINT_URL: {{ .Values.env.aws_s3_endpoint_url | default "" | quote }}

I'm not too familiar with testing charts locally so i'm not positive, but I think that would do it!

In the meantime you can modify the configmap manually after installation via helm and add the line to plane-doc-store-vars (or the release name you chose)

This is outside the scope of this issue, but it would also be nice to specify the path as well to utilize an already existing bucket.

Great product by the way, I found y'all this morning and i'm already switching all of my projects over!

elijah-apprabbit avatar Aug 03 '24 18:08 elijah-apprabbit

+1

mrpotato3 avatar Aug 06 '24 20:08 mrpotato3

Looks like someone already has a PR up for it https://github.com/makeplane/helm-charts/pull/19

elijah-apprabbit avatar Aug 10 '24 21:08 elijah-apprabbit