containers icon indicating copy to clipboard operation
containers copied to clipboard
verified publisher icon bitnami

[bitnami/opensearch] Wrong folder check

Open kreyyser opened this issue 1 year ago • 1 comments

Name and Version

bitnami/opensearch

What architecture are you using?

arm64

What steps will reproduce the bug?

  1. Mounted internal users to /opt/bitnami/opensearch/config/opensearch-security/internal_users.yaml
  2. The file gets overridden during bootstrap

What is the expected behavior?

File not overridden

What do you see instead?

I see users overridden every time with default.

Additional information

https://github.com/bitnami/containers/blob/main/bitnami/opensearch/2/debian-12/rootfs/opt/bitnami/scripts/libopensearch.sh#L106

this script checks the wrong folder

opensearch_security_configure_users() {
    info "Configuring Opensearch security users and roles..."
    # Execute permission for configuration binaries
    chmod +x "${OPENSEARCH_SECURITY_DIR}/tools/hash.sh"
    chmod +x "${OPENSEARCH_SECURITY_DIR}/tools/securityadmin.sh"
    # Opensearch security configuration
    if [ ! -f "${OPENSEARCH_SECURITY_DIR}/internal_users.yml" ]; then
        # Delete content of the demo file
        echo "" > "${OPENSEARCH_SECURITY_CONF_DIR}/internal_users.yml"

        yq -i eval '._meta.type = "internalusers"' "${OPENSEARCH_SECURITY_CONF_DIR}/internal_users.yml"
        yq -i eval '._meta.config_version = "2"' "${OPENSEARCH_SECURITY_CONF_DIR}/internal_users.yml"

        # Create default users
        opensearch_security_internal_user_set "$OPENSEARCH_USERNAME" "$OPENSEARCH_PASSWORD" true "admin" "" "Admin user"
        opensearch_security_internal_user_set "kibanaserver" "$OPENSEARCH_DASHBOARDS_PASSWORD" true "" "" "Kibana Server user"
        opensearch_security_internal_user_set "logstash" "$LOGSTASH_PASSWORD" true "logstash" "" "Logstash user"
    fi
}

instead of if [ ! -f "${OPENSEARCH_SECURITY_DIR}/internal_users.yml" ]; then it should check if [ ! -f "${OPENSEARCH_SECURITY_CONF_DIR}/internal_users.yml" ]; then

because OPENSEARCH_SECURITY_DIR is the folder of the plugins with jar files, not configuration files.

kreyyser avatar Oct 16 '24 15:10 kreyyser

Thank you for bringing this issue to our attention. We appreciate your involvement! If you're interested in contributing a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

carrodher avatar Oct 18 '24 12:10 carrodher

This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions[bot] avatar Nov 03 '24 01:11 github-actions[bot]

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

github-actions[bot] avatar Nov 09 '24 01:11 github-actions[bot]