From 5e3c8e08cac74bf70a158834cfc6ca326555185f Mon Sep 17 00:00:00 2001 From: Gilles Mouchet Date: Tue, 21 Oct 2025 13:22:49 +0200 Subject: [PATCH] v3.3.0 - fixed set kibana_system pass creation --- .../create-kibana-user-job.yaml | 37 ------------------- .../statefulset-elasticsearch.yaml | 17 ++++++++- 2 files changed, 16 insertions(+), 38 deletions(-) delete mode 100644 helm/templates/elasticsearch/create-kibana-user-job.yaml diff --git a/helm/templates/elasticsearch/create-kibana-user-job.yaml b/helm/templates/elasticsearch/create-kibana-user-job.yaml deleted file mode 100644 index 49da9b5..0000000 --- a/helm/templates/elasticsearch/create-kibana-user-job.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: create-kibana-user - namespace: {{ .Release.Namespace }} - annotations: - "helm.sh/hook": post-install,post-upgrade - "helm.sh/hook-delete-policy": before-hook-creation -spec: - template: - spec: - restartPolicy: OnFailure - containers: - - name: create-kibana-user - image: curlimages/curl:8.6.0 - command: ["/bin/sh", "-c"] - args: - - | - echo "waiting for elasticsearch..." - until curl -s -u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD} http://service-elasticsearch:9200/_cluster/health | grep -q '"status":"green"'; do - echo "elasticsearch not ready yet..." - sleep 5 - done - - echo "checking if user '${KIBANA_USERNAME}' exists..." - USER_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" -u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD} http://service-elasticsearch:9200/_security/user/${KIBANA_USERNAME}) - - if [ "$USER_EXISTS" -eq 200 ]; then - echo "user '${KIBANA_USERNAME}' already exists." - else - echo "creating user '${KIBANA_USERNAME}'..." - curl -s -X POST -u "elastic:{{ required ".Values.elastic.password entry is required!" .Values.elastic.password }}" -H "Content-Type: application/json" http://localhost:9200/_security/user/kibana_system/_password -d "{\"password\" : \"{{ required ".Values.kibana.password entry is required!" .Values.kibana.password }}\"}" - echo "user '${KIBANA_USERNAME}' created." - fi - envFrom: - - secretRef: - name: secret-elasticsearch diff --git a/helm/templates/elasticsearch/statefulset-elasticsearch.yaml b/helm/templates/elasticsearch/statefulset-elasticsearch.yaml index c66244d..26c9fe0 100644 --- a/helm/templates/elasticsearch/statefulset-elasticsearch.yaml +++ b/helm/templates/elasticsearch/statefulset-elasticsearch.yaml @@ -78,7 +78,22 @@ spec: failureThreshold: 3 initialDelaySeconds: 30 timeoutSeconds: 5 - + + lifecycle: + postStart: + exec: + command: + - "/bin/sh" + - "-c" + - | + loop=0 + until curl -s http://localhost:9200 | grep -q "missing authentication credentials"; do let loop=loop+1 ; sleep 30; if [ $loop -ge 4 ]; then exit 1; fi; done + echo "Setting sihusearch role and user/password" + loop=0 + echo "Setting Kibana System password" + curl -s -X POST -u "elastic:{{ required ".Values.elastic.password entry is required!" .Values.elastic.password }}" -H "Content-Type: application/json" http://localhost:9200/_security/user/kibana_system/_password -d "{\"password\" : \"{{ required ".Values.kibana.password entry is required!" .Values.kibana.password }}\"}" + echo "All done!" + initContainers: - name: fix-permissions image: busybox