janhoy opened a new issue, #488:
URL: https://github.com/apache/solr-operator/issues/488
A user can now bootstrap `security.json` through operator, even by providing
the raw `security.json` file in a Secret that will be uploaded to ZK on first
Solr Pod start through an init-container.
Users may want to also manage changes to `security.json` in the same manner,
i.e. if they use GitOps. This won't work today, as the `bootstrapSecurityJson`
feature only works if `security.json` is missing in ZK. So a workaround now is
to delete the file manually from Zk and then trigger a restart of a Solr Pod,
which will then bootstrap security once again.
I'm not suggesting to change default behavior, as the pure 1st-time boostrap
feature is useful for those who just want to bootstrap and then continue
editing security through Solr's Auth APIs admin AdminUI's nice Securty editor.
My proposal is therefor to add a `overwrite: true` property to existing
`bootstrapSecurityJson`, which would cause the file to be uploaded on every
node restart. We'd still need to figure out a way to trigger the upload anytime
the Secret changes.
```yaml
bootstrapSecurityJson:
name: security-json-secret
key: security_json
overwrite: true
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
