smolnar82 opened a new pull request, #1216: URL: https://github.com/apache/knox/pull/1216
[KNOX-3310](https://issues.apache.org/jira/browse/KNOX-3310) - Fixing ALIAS_PASSPHRASE issues while importing custom certs. ## What changes were proposed in this pull request? This PR fixes a bug in the Docker entrypoint script and improves logging during the security initialization phase. Changes - Bug Fix: Removed the redundant `ALIAS_PASSPHRASE` assignment within `importMultipleCerts`. This prevents the script from exiting prematurely (due to set -e) when a keystore password file is not provided. - Logging Improvements: - Added explicit logging to show which file is being used to set the `ALIAS_PASSPHRASE`. - Added logging to indicate when the script falls back to using the `MASTER_SECRET`. - Documentation: Added a comment to the `importMultipleCerts` function to clarify its dependency on the pre-initialized `ALIAS_PASSPHRASE` variable. Impact - Stability: Prevents startup failures in default configurations where `KEYSTORE_PASSWORD_FILE` is not used. - Observability: Makes it much easier to debug keystore/truststore password issues by looking at the container logs. ## How was this patch tested? Still needed to be tested in k8s clusters. ## Integration Tests N/A ## UI changes N/A -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
