Apm server configured by elastic operator ignore ${SECRET_TOKEN} variable

hetii · January 3, 2024, 1:27pm

Hi

For code like below Apm server configured by elastic operator ignore ${SECRET_TOKEN} variable.

apiVersion: apm.k8s.elastic.co/v1
kind: ApmServer
metadata:
  name: apm-server
  namespace: elfstack
spec:
  version: 8.11.3
  count: 1
  elasticsearchRef:
    name: monitoring
  kibanaRef:
    name: monitoring

As I check the container, there is a secret mounted as config/config-secret/apm-server.yml where the ${SECRET_TOKEN} variable is used for key:
apm-server.secret_token instead apm-server.auth.secret_token.

This bug makes the apm server wide open.

As a workaround I use such code:

---
apiVersion: apm.k8s.elastic.co/v1
kind: ApmServer
metadata:
  name: apm-server
  namespace: elfstack
spec:
  version: 8.11.3
  count: 1
  elasticsearchRef:
    name: monitoring
  kibanaRef:
    name: monitoring
  podTemplate:
    spec:
      containers:
      - name: apm-server
        command:
        - sh
        - -c
        - |
          sed -e s/secret_token/"auth:\n    secret_token"/g config/config-secret/..data/apm-server.yml > config/apm-fixed-server.yml
          exec apm-server run -e -c config/apm-fixed-server.yml

Best Regards.

system · January 31, 2024, 1:28pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.