[jira] [Work logged] (KNOX-3304) Support for Openshift/SCC

Thu, 23 Apr 2026 03:15:15 -0700 


     [ 
https://issues.apache.org/jira/browse/KNOX-3304?focusedWorklogId=1017022&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1017022
 ]

ASF GitHub Bot logged work on KNOX-3304:
----------------------------------------

                Author: ASF GitHub Bot
            Created on: 23/Apr/26 10:14
            Start Date: 23/Apr/26 10:14
    Worklog Time Spent: 10m 
      Work Description: moresandeep commented on code in PR #1209:
URL: https://github.com/apache/knox/pull/1209#discussion_r3130019715


##########
gateway-docker/src/main/resources/docker/gateway-entrypoint.sh:
##########
@@ -86,21 +98,21 @@ export GATEWAY_SERVER_RUN_IN_FOREGROUND=true
 # Create Master secret
 if [[ -n ${KNOX_MASTER_SECRET} ]]
 then
-  MASTER_SECRET=$(/bin/cat "${KNOX_MASTER_SECRET}" 2>/dev/null)
+  MASTER_SECRET=$(/bin/cat "${KNOX_MASTER_SECRET}" 2> /dev/null)
 fi
 
 if [[ -n ${MASTER_SECRET} ]]
 then
   echo "Using provided knox master secret [env:MASTER_SECRET]"
 else
   echo "Using default knox master secret"
-  MASTER_SECRET="knox"
+  MASTER_SECRET="!apacheknox!"

Review Comment:
   It's not for a password cracker :) JDK 17 (I think after JDK 11) does not 
support passwords with less then 9 characters, this was a long overdue.





Issue Time Tracking
-------------------

    Worklog Id:     (was: 1017022)
    Time Spent: 2h  (was: 1h 50m)

> Support for Openshift/SCC
> -------------------------
>
>                 Key: KNOX-3304
>                 URL: https://issues.apache.org/jira/browse/KNOX-3304
>             Project: Apache Knox
>          Issue Type: Task
>          Components: docker
>    Affects Versions: 2.1.0
>            Reporter: Sandeep More
>            Assignee: Sandeep More
>            Priority: Major
>         Attachments: 
> 0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch, 
> 0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch
>
>          Time Spent: 2h
>  Remaining Estimate: 0h
>
> The current docker image that is generated does not work with Openshift and 
> ECS platform due to restrictions imposed by the platforms. Specifically, 
> there are two requirements
>  # The helm chart that installs Knox image should use an arbitrary runAsUser
>  # The helm chart should not have any runAsGroup and fsUserĀ 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to