janhoy opened a new issue, #488: URL: https://github.com/apache/solr-operator/issues/488
A user can now bootstrap `security.json` through operator, even by providing the raw `security.json` file in a Secret that will be uploaded to ZK on first Solr Pod start through an init-container. Users may want to also manage changes to `security.json` in the same manner, i.e. if they use GitOps. This won't work today, as the `bootstrapSecurityJson` feature only works if `security.json` is missing in ZK. So a workaround now is to delete the file manually from Zk and then trigger a restart of a Solr Pod, which will then bootstrap security once again. I'm not suggesting to change default behavior, as the pure 1st-time boostrap feature is useful for those who just want to bootstrap and then continue editing security through Solr's Auth APIs admin AdminUI's nice Securty editor. My proposal is therefor to add a `overwrite: true` property to existing `bootstrapSecurityJson`, which would cause the file to be uploaded on every node restart. We'd still need to figure out a way to trigger the upload anytime the Secret changes. ```yaml bootstrapSecurityJson: name: security-json-secret key: security_json overwrite: true ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org