Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing FORCE_VERIFYING_SIGNATURE Environment Variable in Docker Compose v1.0.0-beta.1 #14184

Open
5 tasks done
opsworld30 opened this issue Feb 22, 2025 · 2 comments
Open
5 tasks done

Missing FORCE_VERIFYING_SIGNATURE Environment Variable in Docker Compose v1.0.0-beta.1 #14184

opsworld30 opened this issue Feb 22, 2025 · 2 comments
Labels
🐞 bug Something isn't working
Milestone
1.0.0 Marketplace

Comments

@opsworld30
Copy link

Self Checks

  • This is only for bug report, if you would like to ask a question, please head to Discussions.
  • I have searched for existing issues search for existing issues, including closed ones.
  • I confirm that I am using English to submit this report (我已阅读并同意 Language Policy).
  • [FOR CHINESE USERS] 请务必使用英文提交 Issue,否则会被关闭。谢谢!:)
  • Please do not modify this template :) and fill in all the required fields.

Dify version

Version 1.0.0-beta.1

Cloud or Self Hosted

Self Hosted (Docker)

Steps to reproduce

  1. Deploy Dify using docker-compose with tag v1.0.0-beta.1
  2. Try to install a plugin that is not listed in the Dify Marketplace
  3. Encounter error message: "plugin verification has been enabled, and the plugin you want to install has a bad signature"
  4. Add FORCE_VERIFYING_SIGNATURE=false to .env file
  5. The issue persists despite the environment variable being set

✔️ Expected Behavior

When FORCE_VERIFYING_SIGNATURE=false is set in the .env file, users should be able to install plugins that are not listed in the Dify Marketplace.

❌ Actual Behavior

Even after setting FORCE_VERIFYING_SIGNATURE=false in the .env file, users still cannot install plugins that are not listed in the Dify Marketplace. The error message "plugin verification has been enabled, and the plugin you want to install has a bad signature" persists.
@opsworld30
Copy link
Author

The issue is caused by missing FORCE_VERIFYING_SIGNATURE environment variable configurations in docker-compose.yaml. To fix this, you need to add this environment variable in two places:

  1. In the shared environment variables section (x-shared-env):
    FORCE_VERIFYING_SIGNATURE: ${FORCE_VERIFYING_SIGNATURE:-true}

  2. In the plugin_daemon service environment variables:
    FORCE_VERIFYING_SIGNATURE: ${FORCE_VERIFYING_SIGNATURE:-true}

You can either:

  1. Copy the docker-compose.yaml from the main branch to replace your current one
  2. Or manually add these two configurations to your current docker-compose.yaml

After making these changes:

  1. Set FORCE_VERIFYING_SIGNATURE=false in your .env file
  2. Restart your docker containers
  3. Try installing the plugin again

@dosubot dosubot bot added the 🐞 bug Something isn't working label Feb 22, 2025
@crazywoola crazywoola added this to the 1.0.0 Marketplace milestone Feb 22, 2025
@crazywoola
Copy link
Member

We will fix this when we release the 1.0.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐞 bug Something isn't working
Projects
None yet
Milestone
1.0.0 Marketplace
Development

No branches or pull requests
2 participants
@crazywoola @opsworld30