Rewrite init script #178
Reference in New Issue
Block a user
No description provided.
Delete Branch "refs/pull/178/head"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
These changes rewrite the init script to be error aware, informative and have a bit more security awareness.
During rewrite several hidden bugs could be identified and fixed, such as:
e.g.
_my-ldap-auth
andmy-ldap-auth
In addition to that the script is a bit cleaner. Some commands do not exist anymore and would cause false-positive errors during script execution.
Helps for: #149
I've tested all changes for every possibility I could think of (probably not all ?). Even switching between both available images (root, rootless) to verify interoperability.
Some things (not really related to my changes) didn't work (properly):
Using not-active, skip-tls-verify, allow-deactivate-all, synchronize-users and attributes-in-bind for LDAP configuration. They are boolean values and would be passed like
--not-active ''
which breaks the command for some reason.Same for(Edit: incorrect statement)use-custom-urls
for OAuth command.Should I open separate issues for this or do we fix boolean option passing in this PR as well since they would break the init script?(Edit: Yes, fix in this PR as well.)I just re-read the issue #149 and am sure that this PR will not fully fix it. The repeated failure on init container due to unavailable db is done and the script is more verbose. But right now no credentials are used for the db check.
really like what you did here, will test this in a few days
Tested this PR in different clusters, with existing PVCs and new PVCs.
Looks good :)
@luhahn Done. Ready for another review.