Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

caFile is ignored when using own secret #805

Closed
MoFrei opened this issue Sep 14, 2022 · 3 comments · May be fixed by #810
Closed

caFile is ignored when using own secret #805

MoFrei opened this issue Sep 14, 2022 · 3 comments · May be fixed by #810
Labels
bug Something isn't working good first issue Good for newcomers stale

Comments

@MoFrei
Copy link

MoFrei commented Sep 14, 2022
edited
Loading

Today I discovered two minor bugs related to the use of self-created secrets:

  1. When you use a self-created Secret to store your token (secret.create = false) the global option for an caFile is not working.
    This (correctly) leads to an error with untrusted HEC endpoint certificates, since the caFile is not added to the (self-created) Secret
    The documentation should be changed so that the CAFile must also be included in the secret

  2. when adding the CAFile to the Secret, the CA is not used, because the ENV variable "SSL_CERT_FILE" is only used when the CAFile is imported via values.yaml
    There should be an additional variable to allow the creation of the ENV variable
    However, as a workaround you can add a dummy entry to your values.yaml
    image

splunk-connect-for-kubernetes/helm-chart/splunk-connect-for-kubernetes/charts/splunk-kubernetes-logging/templates/daemonset.yaml

Line 86 in 64a4405

{{- if or .Values.splunk.hec.caFile .Values.global.splunk.hec.caFile }}

@hvaghani221 hvaghani221 added bug Something isn't working good first issue Good for newcomers labels Sep 15, 2022
@hvaghani221
Copy link
Contributor

Hi @MoFrei, your workaround will work.

To fix the bug,

If possible, can you submit a PR to fix this?

@hvaghani221 hvaghani221 mentioned this issue Sep 29, 2022
Open
@github-actions
Copy link

This issue is stale because it has been open for 30 days with no activity.

@github-actions github-actions bot added the stale label Oct 16, 2022
@github-actions
Copy link

This issue was closed because it has been inactive for 14 days since being marked as stale.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixed certificate is ignored when using own secret splunk/splunk-connect-for-kubernetes
2 participants
@hvaghani221 @MoFrei