From c807653405e73b2af1151b51082176a47dcc23c3 Mon Sep 17 00:00:00 2001 From: Thibault Richard Date: Thu, 25 Jul 2019 18:37:56 +0200 Subject: [PATCH] Variabilize more the keystore settings addition (#1401) (#1403) Given it's convenient to not use `--stdin` with the ES keystore to fix #1349, this commit makes the keystore settings addition different for ES than for Kibana and the APM Server. Only the Elasticsearch keystore supports settings additions using a file path. Kibana and APM Server supports only to pass the value through stdin and use the --stdin flag. --- operators/pkg/controller/apmserver/apmserver_controller.go | 2 +- operators/pkg/controller/common/keystore/initcontainer.go | 2 +- operators/pkg/controller/common/keystore/resources_test.go | 2 +- operators/pkg/controller/elasticsearch/driver/default.go | 2 +- operators/pkg/controller/kibana/driver.go | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/operators/pkg/controller/apmserver/apmserver_controller.go b/operators/pkg/controller/apmserver/apmserver_controller.go index 075303a234..178a36ea84 100644 --- a/operators/pkg/controller/apmserver/apmserver_controller.go +++ b/operators/pkg/controller/apmserver/apmserver_controller.go @@ -65,7 +65,7 @@ var ( initContainerParameters = keystore.InitContainerParameters{ KeystoreCreateCommand: ApmServerBin + " keystore create --force", - KeystoreAddCommand: ApmServerBin + " keystore add", + KeystoreAddCommand: ApmServerBin + ` keystore add "$key" --stdin < "$filename"`, SecureSettingsVolumeMountPath: keystore.SecureSettingsVolumeMountPath, DataVolumePath: DataVolumePath, } diff --git a/operators/pkg/controller/common/keystore/initcontainer.go b/operators/pkg/controller/common/keystore/initcontainer.go index 92bfa86186..5b91e41272 100644 --- a/operators/pkg/controller/common/keystore/initcontainer.go +++ b/operators/pkg/controller/common/keystore/initcontainer.go @@ -44,7 +44,7 @@ for filename in {{ .SecureSettingsVolumeMountPath }}/*; do [[ -e "$filename" ]] || continue # glob does not match key=$(basename "$filename") echo "Adding "$key" to the keystore." - {{ .KeystoreAddCommand }} "$key" "$filename" + {{ .KeystoreAddCommand }} done echo "Keystore initialization successful." diff --git a/operators/pkg/controller/common/keystore/resources_test.go b/operators/pkg/controller/common/keystore/resources_test.go index 5f81b07cd3..debde4f513 100644 --- a/operators/pkg/controller/common/keystore/resources_test.go +++ b/operators/pkg/controller/common/keystore/resources_test.go @@ -23,7 +23,7 @@ import ( var ( initContainersParameters = InitContainerParameters{ KeystoreCreateCommand: "/keystore/bin/keystore create", - KeystoreAddCommand: "/keystore/bin/keystore add", + KeystoreAddCommand: `/keystore/bin/keystore add "$key" "$filename"`, SecureSettingsVolumeMountPath: "/foo/secret", DataVolumePath: "/bar/data", } diff --git a/operators/pkg/controller/elasticsearch/driver/default.go b/operators/pkg/controller/elasticsearch/driver/default.go index d6b5ae950f..b978ed5056 100644 --- a/operators/pkg/controller/elasticsearch/driver/default.go +++ b/operators/pkg/controller/elasticsearch/driver/default.go @@ -46,7 +46,7 @@ import ( // initContainerParams is used to generate the init container that will load the secure settings into a keystore var initContainerParams = keystore.InitContainerParameters{ KeystoreCreateCommand: "/usr/share/elasticsearch/bin/elasticsearch-keystore create", - KeystoreAddCommand: "/usr/share/elasticsearch/bin/elasticsearch-keystore add-file", + KeystoreAddCommand: `/usr/share/elasticsearch/bin/elasticsearch-keystore add-file "$key" "$filename"`, SecureSettingsVolumeMountPath: keystore.SecureSettingsVolumeMountPath, DataVolumePath: esvolume.ElasticsearchDataMountPath, } diff --git a/operators/pkg/controller/kibana/driver.go b/operators/pkg/controller/kibana/driver.go index 75c1ad23e2..62c19cbd72 100644 --- a/operators/pkg/controller/kibana/driver.go +++ b/operators/pkg/controller/kibana/driver.go @@ -38,7 +38,7 @@ import ( // initContainersParameters is used to generate the init container that will load the secure settings into a keystore var initContainersParameters = keystore.InitContainerParameters{ KeystoreCreateCommand: "/usr/share/kibana/bin/kibana-keystore create", - KeystoreAddCommand: "/usr/share/kibana/bin/kibana-keystore add", + KeystoreAddCommand: `/usr/share/kibana/bin/kibana-keystore add "$key" --stdin < "$filename"`, SecureSettingsVolumeMountPath: keystore.SecureSettingsVolumeMountPath, DataVolumePath: volume.DataVolumeMountPath, }