Skip to content

Commit

Permalink
Update the way to add settings in the ES keystore (#1377)
Browse files Browse the repository at this point in the history
This fixes an issue where the repository-gcs plugin fails if the
setting gcs.client.default.credentials_file is not a compacted JSON
and is added using `elasticsearch-keystore add key --stdin`.

Since the secure settings are now in a Secret and each key of a 
Secret is mounted in a container as files I think we can safely change
the way elasticsearch-keystore is called to add settings.
  • Loading branch information
thbkrkr authored Jul 25, 2019
1 parent 77d8f5d commit 8099f3d
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion operators/pkg/controller/common/keystore/initcontainer.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ for filename in {{ .SecureSettingsVolumeMountPath }}/*; do
[[ -e "$filename" ]] || continue # glob does not match
key=$(basename "$filename")
echo "Adding "$key" to the keystore."
{{ .KeystoreAddCommand }} "$key" --stdin < "$filename"
{{ .KeystoreAddCommand }} "$key" "$filename"
done
echo "Keystore initialization successful."
Expand Down
2 changes: 1 addition & 1 deletion operators/pkg/controller/common/keystore/resources_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ for filename in /foo/secret/*; do
[[ -e "$filename" ]] || continue # glob does not match
key=$(basename "$filename")
echo "Adding "$key" to the keystore."
/keystore/bin/keystore add "$key" --stdin < "$filename"
/keystore/bin/keystore add "$key" "$filename"
done
echo "Keystore initialization successful."
Expand Down
2 changes: 1 addition & 1 deletion operators/pkg/controller/elasticsearch/driver/default.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ import (
// initContainerParams is used to generate the init container that will load the secure settings into a keystore
var initContainerParams = keystore.InitContainerParameters{
KeystoreCreateCommand: "/usr/share/elasticsearch/bin/elasticsearch-keystore create",
KeystoreAddCommand: "/usr/share/elasticsearch/bin/elasticsearch-keystore add",
KeystoreAddCommand: "/usr/share/elasticsearch/bin/elasticsearch-keystore add-file",
SecureSettingsVolumeMountPath: keystore.SecureSettingsVolumeMountPath,
DataVolumePath: esvolume.ElasticsearchDataMountPath,
}
Expand Down

0 comments on commit 8099f3d

Please sign in to comment.