Issue Summary

In Bitbucket 9.2, an upgrade task was introduced to encrypt the outgoing mail server password stored in the database if one exists. However, the upgrade task encounters an issue and fails if a mail.password record exists with a blank string in the database.

Note: This situation typically arises only if the mail.password was manually altered directly in the database, which is not a common practice.

Steps to Reproduce

1. On an instance with Bitbucket version less than 9.2, manually update the main password to a blank string in the database

   update app_property set prop_value = '' where prop_key = 'mail.password';
   

2. Perform the upgrade to Bitbucket version 9.2 or higher

Expected Results

The upgrade task should detect that password is blank and ignore it.

Actual Results

The upgrade task fails and Bitbucket does not start up with the following error in the logs.

Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'applicationSecretsUpgradeTaskRunner': Invocation of init method failed; nested exception is java.lang.IllegalArgumentException: secretData cannot be less than 1 characters
	at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:160)
	... 5 common frames omitted
Caused by: java.lang.IllegalArgumentException: secretData cannot be less than 1 characters
	at com.google.common.base.Preconditions.checkArgument(Preconditions.java:145)
	at com.atlassian.stash.internal.secrets.BitbucketSecretService.put(BitbucketSecretService.java:138)

Workaround

To resolve this issue, instead of setting mail.password to a blank string, delete the mail.password entry from the app_property table.

delete from app_property where prop_key = 'mail.password';

Ensure you perform a backup before making any changes to the database.