[GitHub] [lucene-solr-operator] thelabdude commented on a change in pull request #221: Work with basic-auth enabled SolrCloud clusters

[GitBox]

thelabdude commented on a change in pull request #221:
URL: 
https://github.com/apache/lucene-solr-operator/pull/221#discussion_r582304972



##########
File path: controllers/util/solr_util.go
##########
@@ -1157,3 +1193,240 @@ func createZkConnectionEnvVars(solrCloud 
*solr.SolrCloud, solrCloudStatus *solr.
 
        return envVars, solrOpt, len(zkChroot) > 1
 }
+
+func setupVolumeMountForUserProvidedConfigMapEntry(reconcileConfigInfo 
map[string]string, fileKey string, solrVolumes []corev1.Volume, envVar string) 
(*corev1.VolumeMount, *corev1.EnvVar, *corev1.Volume) {
+       volName := strings.ReplaceAll(fileKey, ".", "-")
+       mountPath := fmt.Sprintf("/var/solr/%s", reconcileConfigInfo[fileKey])
+       appendedToExisting := false
+       if reconcileConfigInfo[fileKey] == reconcileConfigInfo[SolrXmlFile] {
+               // the user provided a custom log4j2.xml and solr.xml, append 
to the volume for solr.xml created above
+               for _, vol := range solrVolumes {
+                       if vol.Name == "solr-xml" {
+                               vol.ConfigMap.Items = 
append(vol.ConfigMap.Items, corev1.KeyToPath{Key: fileKey, Path: fileKey})
+                               appendedToExisting = true
+                               volName = vol.Name
+                               break
+                       }
+               }
+       }
+
+       var vol *corev1.Volume = nil
+       if !appendedToExisting {
+               defaultMode := int32(420)
+               vol = &corev1.Volume{
+                       Name: volName,
+                       VolumeSource: corev1.VolumeSource{
+                               ConfigMap: &corev1.ConfigMapVolumeSource{
+                                       LocalObjectReference: 
corev1.LocalObjectReference{Name: reconcileConfigInfo[fileKey]},
+                                       Items:                
[]corev1.KeyToPath{{Key: fileKey, Path: fileKey}},
+                                       DefaultMode:          &defaultMode,
+                               },
+                       },
+               }
+       }
+       pathToFile := fmt.Sprintf("%s/%s", mountPath, fileKey)
+
+       return &corev1.VolumeMount{Name: volName, MountPath: mountPath}, 
&corev1.EnvVar{Name: envVar, Value: pathToFile}, vol
+}
+
+func BasicAuthHeader(basicAuthSecret *corev1.Secret) string {
+       creds := fmt.Sprintf("%s:%s", 
basicAuthSecret.Data[corev1.BasicAuthUsernameKey], 
basicAuthSecret.Data[corev1.BasicAuthPasswordKey])
+       return "Basic " + b64.StdEncoding.EncodeToString([]byte(creds))
+}
+
+func ValidateBasicAuthSecret(basicAuthSecret *corev1.Secret) error {
+       if basicAuthSecret.Type != corev1.SecretTypeBasicAuth {
+               return fmt.Errorf("invalid secret type %v; user-provided secret 
%s must be of type: %v",
+                       basicAuthSecret.Type, basicAuthSecret.Name, 
corev1.SecretTypeBasicAuth)
+       }
+
+       if _, ok := basicAuthSecret.Data[corev1.BasicAuthUsernameKey]; !ok {

Review comment:
       Sadly not the case ... I tried creating a basic auth secret w/o the 
username and K8s happily obliged me :(




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org