This is an automated email from the ASF dual-hosted git repository. shuber pushed a commit to branch unomi-3-dev in repository https://gitbox.apache.org/repos/asf/unomi.git
commit 7891e7e30e0acb7e27a4a9439ecc827f2515bb9f Author: Serge Huber <[email protected]> AuthorDate: Fri Jan 2 18:01:08 2026 +0100 chore: harden docker entrypoint healthcheck options --- docker/src/main/docker/entrypoint.sh | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/docker/src/main/docker/entrypoint.sh b/docker/src/main/docker/entrypoint.sh index b23cd2b1a..6180eb53f 100755 --- a/docker/src/main/docker/entrypoint.sh +++ b/docker/src/main/docker/entrypoint.sh @@ -44,13 +44,16 @@ check_node_health() { local node_url="$1" local curl_opts="$2" response=$(eval curl -v -fsSL ${curl_opts} "${node_url}" 2>&1) - if [ $? -eq 0 ]; then + rc=$? + if [ $rc -eq 0 ]; then echo "$response" | grep -o '"status"[ ]*:[ ]*"[^"]*"' | cut -d'"' -f4 else echo "" fi } +curl_opts="" + # Configure connection parameters based on search engine type if [ "$SEARCH_ENGINE" = "opensearch" ]; then # OpenSearch configuration @@ -71,7 +74,7 @@ else schema='http' fi - if [ -v UNOMI_ELASTICSEARCH_USERNAME ] && [ -v UNOMI_ELASTICSEARCH_PASSWORD ]; then + if [ -n "${UNOMI_ELASTICSEARCH_USERNAME:-}" ] && [ -n "${UNOMI_ELASTICSEARCH_PASSWORD:-}" ]; then auth_header="Authorization: Basic $(echo -n "${UNOMI_ELASTICSEARCH_USERNAME}:${UNOMI_ELASTICSEARCH_PASSWORD}" | base64)" curl_opts="-H \"${auth_header}\"" fi @@ -85,10 +88,8 @@ else IFS=',' read -ra NODES <<< "${UNOMI_ELASTICSEARCH_ADDRESSES}" fi -# Ensure curl options allow insecure deployments when needed. -# - For HTTPS with self-signed certs: add -k -# - For HTTP: -k is harmless, but we only add it when schema is https to keep things tidy. -if [ "$schema" = "https" ]; then +# Ensure curl options allow insecure deployments when needed (HTTPS self-signed) +if [ "$SEARCH_ENGINE" != "opensearch" ] && [ "$schema" = "https" ]; then curl_opts="$curl_opts -k" fi
