Skip to content

Commit 84a3fb4

Browse files
migruiz4bitnami-bot
migruiz4
and
bitnami-bot
authored
[bitnami/solr] Set usePasswordFiles=true by default (#32782)
* [bitnami/solr] Set `usePasswordFiles=true` by default Signed-off-by: Miguel Ruiz <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <[email protected]> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Bot <[email protected]> * Update CHANGELOG.md Signed-off-by: Bitnami Bot <[email protected]> * Fix probes Signed-off-by: Miguel Ruiz <[email protected]> * Fix typo Signed-off-by: Miguel Ruiz <[email protected]> --------- Signed-off-by: Miguel Ruiz <[email protected]> Signed-off-by: Bitnami Bot <[email protected]> Co-authored-by: Bitnami Bot <[email protected]>
1 parent 5ee2a7e commit 84a3fb4

File tree

7 files changed

+88
-9
lines changed

7 files changed

+88
-9
lines changed

bitnami/solr/CHANGELOG.md

+6-2
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,12 @@
11
# Changelog
22

3-
## 9.5.7 (2025-04-02)
3+
## 9.6.0 (2025-04-04)
44

5-
* [bitnami/solr] Release 9.5.7 ([#32784](https://github.com/bitnami/charts/pull/32784))
5+
* [bitnami/solr] Set `usePasswordFiles=true` by default ([#32782](https://github.com/bitnami/charts/pull/32782))
6+
7+
## <small>9.5.7 (2025-04-02)</small>
8+
9+
* [bitnami/solr] Release 9.5.7 (#32784) ([fd41f2d](https://github.com/bitnami/charts/commit/fd41f2d13d80e1dce5fee2703667d3a7d26ca103)), closes [#32784](https://github.com/bitnami/charts/issues/32784)
610

711
## <small>9.5.6 (2025-03-28)</small>
812

bitnami/solr/Chart.yaml

+1-1
Original file line numberDiff line numberDiff line change
@@ -35,4 +35,4 @@ maintainers:
3535
name: solr
3636
sources:
3737
- https://github.com/bitnami/charts/tree/main/bitnami/solr
38-
version: 9.5.7
38+
version: 9.6.0

bitnami/solr/README.md

+1
Original file line numberDiff line numberDiff line change
@@ -212,6 +212,7 @@ You can enable this initContainer by setting `volumePermissions.enabled` to `tru
212212
| `commonLabels` | Add labels to all the deployed resources | `{}` |
213213
| `commonAnnotations` | Add annotations to all the deployed resources | `{}` |
214214
| `extraDeploy` | Extra objects to deploy (value evaluated as a template) | `[]` |
215+
| `usePasswordFiles` | Mount credentials as files instead of using environment variables | `true` |
215216
| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` |
216217
| `diagnosticMode.command` | Command to override all containers in the statefulset | `["sleep"]` |
217218
| `diagnosticMode.args` | Args to override all containers in the statefulset | `["infinity"]` |

bitnami/solr/templates/metrics-deployment.yaml

+20-4
Original file line numberDiff line numberDiff line change
@@ -80,24 +80,35 @@ spec:
8080
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.metrics.containerSecurityContext "context" $) | nindent 12 }}
8181
{{- end }}
8282
command:
83-
- "/bin/bash"
84-
- "-c"
85-
- |-
86-
/bin/bash
83+
- /bin/bash
84+
- -ec
85+
- |
86+
{{- if .Values.usePasswordFiles }}
87+
export SOLR_ADMIN_PASSWORD="$(< $SOLR_ADMIN_PASSWORD_FILE)"
88+
{{- end }}
8789
printf '%s%s\n' 'httpBasicAuthUser=' $SOLR_ADMIN_USERNAME 'httpBasicAuthPassword=' $SOLR_ADMIN_PASSWORD > /basicauth-properties/basicauth.properties
8890
env:
8991
- name: SOLR_ADMIN_USERNAME
9092
value: {{ .Values.auth.adminUsername | quote }}
93+
{{- if .Values.usePasswordFiles }}
94+
- name: SOLR_ADMIN_PASSWORD_FILE
95+
value: {{ printf "/opt/bitnami/solr/secrets/pass/%s" (include "solr.secretPasswordKey" .) }}
96+
{{- else }}
9197
- name: SOLR_ADMIN_PASSWORD
9298
valueFrom:
9399
secretKeyRef:
94100
name: {{ include "solr.secretName" . }}
95101
key: {{ include "solr.secretPasswordKey" . }}
102+
{{- end }}
96103
volumeMounts:
97104
- name: empty-dir
98105
mountPath: /basicauth-properties/
99106
subPath: app-basicauth-properties-dir
100107
readOnly: false
108+
{{- if .Values.usePasswordFiles }}
109+
- name: solr-pass-secret
110+
mountPath: /opt/bitnami/solr/secrets/pass
111+
{{- end }}
101112
{{- end }}
102113
containers:
103114
- name: solr-exporter
@@ -201,6 +212,11 @@ spec:
201212
volumes:
202213
- name: empty-dir
203214
emptyDir: {}
215+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
216+
- name: solr-pass-secret
217+
secret:
218+
secretName: {{ include "solr.secretName" . }}
219+
{{- end }}
204220
{{- if .Values.metrics.extraVolumes }}
205221
{{- include "common.tplvalues.render" (dict "value" .Values.metrics.extraVolumes "context" $) | nindent 8 }}
206222
{{- end }}

bitnami/solr/templates/scripts-configmap.yaml

+5
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,11 @@ data:
1919
2020
. /opt/bitnami/scripts/liblog.sh
2121
22+
{{- if .Values.usePasswordFiles }}
23+
export SOLR_SSL_KEY_STORE_PASSWORD="$(< $SOLR_SSL_KEY_STORE_PASSWORD_FILE)"
24+
export SOLR_SSL_TRUST_STORE_PASSWORD="$(< $SOLR_SSL_TRUST_STORE_PASSWORD_FILE)"
25+
{{- end }}
26+
2227
if [[ -f "/certs/keystore.p12" ]] && [[ -f "/certs/truststore.p12" ]]; then
2328
# the user provided keystore.p12 and truststore.p12 files (prefered)
2429
cp "/certs/keystore.p12" "/opt/bitnami/solr/certs/keystore.p12"

bitnami/solr/templates/statefulset.yaml

+52-2
Original file line numberDiff line numberDiff line change
@@ -143,6 +143,12 @@ spec:
143143
fieldRef:
144144
apiVersion: v1
145145
fieldPath: metadata.name
146+
{{- if .Values.usePasswordFiles }}
147+
- name: SOLR_SSL_KEY_STORE_PASSWORD_FILE
148+
value: "/opt/bitnami/solr/secrets/tls/keystore-password"
149+
- name: SOLR_SSL_TRUST_STORE_PASSWORD_FILE
150+
value: "/opt/bitnami/solr/secrets/tls/truststore-password"
151+
{{- else }}
146152
- name: SOLR_SSL_KEY_STORE_PASSWORD
147153
valueFrom:
148154
secretKeyRef:
@@ -153,6 +159,7 @@ spec:
153159
secretKeyRef:
154160
name: {{ include "solr.tlsPasswordsSecret" . }}
155161
key: truststore-password
162+
{{- end }}
156163
{{- if .Values.tls.resources }}
157164
resources: {{- toYaml .Values.tls.resources | nindent 12 }}
158165
{{- else if ne .Values.tls.resourcesPreset "none" }}
@@ -170,6 +177,10 @@ spec:
170177
- name: empty-dir
171178
mountPath: /tmp
172179
subPath: tmp-dir
180+
{{- if .Values.usePasswordFiles }}
181+
- name: solr-secrets
182+
mountPath: /opt/bitnami/solr/secrets
183+
{{- end }}
173184
{{- end }}
174185
{{- if .Values.initContainers }}
175186
{{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }}
@@ -230,12 +241,17 @@ spec:
230241
{{- if .Values.auth.enabled }}
231242
- name: SOLR_ADMIN_USERNAME
232243
value: {{ .Values.auth.adminUsername | quote }}
244+
{{- if .Values.usePasswordFiles }}
245+
- name: SOLR_ADMIN_PASSWORD_FILE
246+
value: {{ printf "/opt/bitnami/solr/secrets/pass/%s" (include "solr.secretPasswordKey" .) }}
247+
{{- else }}
233248
- name: SOLR_ADMIN_PASSWORD
234249
valueFrom:
235250
secretKeyRef:
236251
name: {{ include "solr.secretName" . }}
237252
key: {{ include "solr.secretPasswordKey" . }}
238253
{{- end }}
254+
{{- end }}
239255
- name: SOLR_ZK_HOSTS
240256
value: {{ include "solr.zookeeper.hosts" . | quote }}
241257
{{- if .Values.tls.enabled }}
@@ -249,18 +265,25 @@ spec:
249265
{{- end }}
250266
- name: SOLR_SSL_KEY_STORE
251267
value: /opt/bitnami/solr/certs/keystore.p12
268+
- name: SOLR_SSL_TRUST_STORE
269+
value: /opt/bitnami/solr/certs/truststore.p12
270+
{{- if .Values.usePasswordFiles }}
271+
- name: SOLR_SSL_KEY_STORE_PASSWORD_FILE
272+
value: "/opt/bitnami/solr/secrets/tls/keystore-password"
273+
- name: SOLR_SSL_TRUST_STORE_PASSWORD_FILE
274+
value: "/opt/bitnami/solr/secrets/tls/truststore-password"
275+
{{- else }}
252276
- name: SOLR_SSL_KEY_STORE_PASSWORD
253277
valueFrom:
254278
secretKeyRef:
255279
name: {{ include "solr.tlsPasswordsSecret" . }}
256280
key: keystore-password
257-
- name: SOLR_SSL_TRUST_STORE
258-
value: /opt/bitnami/solr/certs/truststore.p12
259281
- name: SOLR_SSL_TRUST_STORE_PASSWORD
260282
valueFrom:
261283
secretKeyRef:
262284
name: {{ include "solr.tlsPasswordsSecret" . }}
263285
key: truststore-password
286+
{{- end }}
264287
- name: SOLR_SSL_CHECK_PEER_NAME
265288
value: "false"
266289
{{- end }}
@@ -296,6 +319,9 @@ spec:
296319
- /bin/bash
297320
- -ec
298321
- |
322+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
323+
export SOLR_ADMIN_PASSWORD="$(< $SOLR_ADMIN_PASSWORD_FILE)"
324+
{{- end }}
299325
curl --silent --connect-timeout 15000 {{ ternary "--user ${SOLR_ADMIN_USERNAME}:${SOLR_ADMIN_PASSWORD}" "" .Values.auth.enabled }} http://localhost:${SOLR_PORT_NUMBER}/solr/admin/info/system | grep --quiet '\"status\":0'
300326
{{- end }}
301327
{{- if .Values.customReadinessProbe }}
@@ -307,6 +333,9 @@ spec:
307333
- /bin/bash
308334
- -ec
309335
- |
336+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
337+
export SOLR_ADMIN_PASSWORD="$(< $SOLR_ADMIN_PASSWORD_FILE)"
338+
{{- end }}
310339
curl --silent --connect-timeout 15000 {{ ternary "--user ${SOLR_ADMIN_USERNAME}:${SOLR_ADMIN_PASSWORD}" "" .Values.auth.enabled }} http://localhost:${SOLR_PORT_NUMBER}/api/node/health | grep --quiet '\"status\":\"OK\"'
311340
{{- end }}
312341
{{- if .Values.customStartupProbe }}
@@ -318,6 +347,9 @@ spec:
318347
- /bin/bash
319348
- -ec
320349
- |
350+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
351+
export SOLR_ADMIN_PASSWORD="$(< $SOLR_ADMIN_PASSWORD_FILE)"
352+
{{- end }}
321353
curl --silent --connect-timeout 15000 {{ ternary "--user ${SOLR_ADMIN_USERNAME}:${SOLR_ADMIN_PASSWORD}" "" .Values.auth.enabled }} http://localhost:${SOLR_PORT_NUMBER}/api/node/health | grep --quiet '\"status\":\"OK\"'
322354
{{- end }}
323355
{{- end }}
@@ -340,6 +372,14 @@ spec:
340372
- name: scripts
341373
mountPath: /scripts/setup.sh
342374
subPath: setup.sh
375+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
376+
- name: solr-pass-secret
377+
mountPath: /opt/bitnami/solr/secrets/pass
378+
{{- end }}
379+
{{- if and .Values.usePasswordFiles .Values.tls.enabled }}
380+
- name: solr-tls-secret
381+
mountPath: /opt/bitnami/solr/secrets/tls
382+
{{- end }}
343383
- name: data
344384
mountPath: {{ .Values.persistence.mountPath }}
345385
{{- if .Values.persistence.subPath }}
@@ -365,6 +405,16 @@ spec:
365405
configMap:
366406
name: {{ printf "%s-scripts" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
367407
defaultMode: 0755
408+
{{- if and .Values.usePasswordFiles .Values.auth.enabled }}
409+
- name: solr-pass-secret
410+
secret:
411+
secretName: {{ include "solr.secretName" . }}
412+
{{- end }}
413+
{{- if and .Values.usePasswordFiles .Values.tls.enabled }}
414+
- name: solr-tls-secret
415+
secret:
416+
secretName: {{ include "solr.tlsPasswordsSecret" . }}
417+
{{- end }}
368418
{{- if and .Values.persistence.enabled .Values.persistence.existingClaim }}
369419
- name: data
370420
persistentVolumeClaim:

bitnami/solr/values.yaml

+3
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,9 @@ commonAnnotations: {}
5959
## @param extraDeploy Extra objects to deploy (value evaluated as a template)
6060
##
6161
extraDeploy: []
62+
## @param usePasswordFiles Mount credentials as files instead of using environment variables
63+
##
64+
usePasswordFiles: true
6265
## Enable diagnostic mode in the statefulset
6366
##
6467
diagnosticMode:

0 commit comments

Comments
 (0)