[
https://issues.apache.org/jira/browse/KNOX-3288?focusedWorklogId=1011676&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1011676
]
ASF GitHub Bot logged work on KNOX-3288:
----------------------------------------
Author: ASF GitHub Bot
Created on: 26/Mar/26 21:41
Start Date: 26/Mar/26 21:41
Worklog Time Spent: 10m
Work Description: moresandeep commented on code in PR #1187:
URL: https://github.com/apache/knox/pull/1187#discussion_r2997785715
##########
gateway-docker/src/main/resources/docker/gateway-entrypoint.sh:
##########
@@ -56,6 +59,22 @@ importMultipleCerts() {
done
}
+## Helper function to save an alias
+## Function takes alias name, environment variable value, and optional default
value
+saveAlias() {
+ local alias_name=$1
+ local env_var_value=$2
+ local default_value=$3
+
+ if [[ -n ${env_var_value} ]]; then
+ echo "Creating alias ${alias_name} using provided value..."
Review Comment:
If we have passwords in the value this will get logged :(
##########
gateway-docker/src/main/resources/docker/gateway-entrypoint.sh:
##########
@@ -78,16 +97,14 @@ then
LDAP_BIND_PASSWORD=$(/bin/cat "${LDAP_PASSWORD_FILE}" 2>/dev/null)
fi
-if [[ -n ${LDAP_BIND_PASSWORD} ]]
-then
- echo "Using provided LDAP bind password"
- /home/knox/knox/bin/knoxcli.sh create-alias ldap-bind-password --value
"${LDAP_BIND_PASSWORD}"
-fi
+saveAlias ldap-bind-password "${LDAP_BIND_PASSWORD}"
Review Comment:
There is no default value provided, I think that is okay
##########
gateway-docker/src/main/resources/docker/gateway-entrypoint.sh:
##########
@@ -56,6 +59,22 @@ importMultipleCerts() {
done
}
+## Helper function to save an alias
+## Function takes alias name, environment variable value, and optional default
value
+saveAlias() {
+ local alias_name=$1
+ local env_var_value=$2
+ local default_value=$3
+
+ if [[ -n ${env_var_value} ]]; then
+ echo "Creating alias ${alias_name} using provided value..."
+ /home/knox/knox/bin/knoxcli.sh create-alias "${alias_name}" --value
"${env_var_value}"
+ elif [[ -n ${default_value} ]]; then
+ echo "Creating alias ${alias_name} using default value..."
Review Comment:
Same here.
Issue Time Tracking
-------------------
Worklog Id: (was: 1011676)
Time Spent: 20m (was: 10m)
> Knox's Docker image should create database connection related aliases
> ---------------------------------------------------------------------
>
> Key: KNOX-3288
> URL: https://issues.apache.org/jira/browse/KNOX-3288
> Project: Apache Knox
> Issue Type: Task
> Components: docker
> Affects Versions: 3.0.0
> Reporter: Sandor Molnar
> Priority: Major
> Fix For: 3.0.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> In k8s clusters it's important that Knox instances can connect to an external
> DB so that generated tokens won't get lost on pod restarts.
> To support that, we need to update the Knox Gateway entry point in the Docker
> image to save the following aliases:
> * gateway_database_user
> * gateway_database_password
> * gateway_database_ssl_truststore_password
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
