Skip to content

test(smoke): Apply secrets before the OpenSearch cluster to avoid restarts #98

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
siegfriedweber merged 2 commits into from
Jan 19, 2026
+96 −96
Merged

test(smoke): Apply secrets before the OpenSearch cluster to avoid restarts #98

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0d5c5f6
test(smoke): Apply secrets before the OpenSearch cluster to avoid res…
siegfriedweber Jan 19, 2026
7562945
test(smoke): Do not apply the opensearch-security-config Secret twice
siegfriedweber Jan 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
96 changes: 96 additions & 0 deletions tests/templates/kuttl/smoke/10-opensearch-security-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
---
apiVersion: v1
kind: Secret
metadata:
name: opensearch-security-config
stringData:
action_groups.yml: |
---
_meta:
type: actiongroups
config_version: 2
allowlist.yml: |
---
_meta:
type: allowlist
config_version: 2

config:
enabled: false
audit.yml: |
---
_meta:
type: audit
config_version: 2

config:
enabled: false
config.yml: |
---
_meta:
type: config
config_version: 2

config:
dynamic:
authc:
basic_internal_auth_domain:
description: Authenticate via HTTP Basic against internal users database
http_enabled: true
transport_enabled: true
order: 1
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: intern
authz: {}
internal_users.yml: |
---
# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh

_meta:
type: internalusers
config_version: 2

admin:
hash: $2y$10$xRtHZFJ9QhG9GcYhRpAGpufCZYsk//nxsuel5URh0GWEBgmiI4Q/e
reserved: true
backend_roles:
- admin
description: OpenSearch admin user

kibanaserver:
hash: $2y$10$vPgQ/6ilKDM5utawBqxoR.7euhVQ0qeGl8mPTeKhmFT475WUDrfQS
reserved: true
description: OpenSearch Dashboards user
nodes_dn.yml: |
---
_meta:
type: nodesdn
config_version: 2
roles.yml: |
---
_meta:
type: roles
config_version: 2
roles_mapping.yml: |
---
_meta:
type: rolesmapping
config_version: 2

all_access:
reserved: false
backend_roles:
- admin

kibana_server:
reserved: true
users:
- kibanaserver
tenants.yml: |
---
_meta:
type: tenants
config_version: 2
0 ...s/templates/kuttl/smoke/10-assert.yaml.j2 → ...s/templates/kuttl/smoke/11-assert.yaml.j2
View file
Open in desktop
File renamed without changes.
96 changes: 0 additions & 96 deletions ...kuttl/smoke/10-install-opensearch.yaml.j2 → ...kuttl/smoke/11-install-opensearch.yaml.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,99 +75,3 @@ spec:
secret:
secretName: opensearch-security-config
defaultMode: 0o660
---
apiVersion: v1
kind: Secret
metadata:
name: opensearch-security-config
stringData:
action_groups.yml: |
---
_meta:
type: actiongroups
config_version: 2
allowlist.yml: |
---
_meta:
type: allowlist
config_version: 2

config:
enabled: false
audit.yml: |
---
_meta:
type: audit
config_version: 2

config:
enabled: false
config.yml: |
---
_meta:
type: config
config_version: 2

config:
dynamic:
authc:
basic_internal_auth_domain:
description: Authenticate via HTTP Basic against internal users database
http_enabled: true
transport_enabled: true
order: 1
http_authenticator:
type: basic
challenge: true
authentication_backend:
type: intern
authz: {}
internal_users.yml: |
---
# The hash value is a bcrypt hash and can be generated with plugin/tools/hash.sh

_meta:
type: internalusers
config_version: 2

admin:
hash: $2y$10$xRtHZFJ9QhG9GcYhRpAGpufCZYsk//nxsuel5URh0GWEBgmiI4Q/e
reserved: true
backend_roles:
- admin
description: OpenSearch admin user

kibanaserver:
hash: $2y$10$vPgQ/6ilKDM5utawBqxoR.7euhVQ0qeGl8mPTeKhmFT475WUDrfQS
reserved: true
description: OpenSearch Dashboards user
nodes_dn.yml: |
---
_meta:
type: nodesdn
config_version: 2
roles.yml: |
---
_meta:
type: roles
config_version: 2
roles_mapping.yml: |
---
_meta:
type: rolesmapping
config_version: 2

all_access:
reserved: false
backend_roles:
- admin

kibana_server:
reserved: true
users:
- kibanaserver
tenants.yml: |
---
_meta:
type: tenants
config_version: 2