Entrypoint always trying to populate keystore.xml

Question

Entrypoint always trying to populate keystore.xml

pierrepook opened this issue 4 years ago · 4 comments

The docker-server.sh entrypoint I believe has a bug

  # Add the keystore password to server configuration
  if [ ! -e $keystorePath ]; then
    sed "s|REPLACE|$PASSWORD|g" $SNIPPETS_SOURCE/keystore.xml > $SNIPPETS_TARGET_DEFAULTS/keystore.xml
  fi
  if [ -e $TRUSTSTORE_FILE ]; then
    sed "s|PWD_TRUST|$TRUSTSTORE_PASSWORD|g" $SNIPPETS_SOURCE/truststore.xml > $SNIPPETS_TARGET_OVERRIDES/truststore.xml
  elif [ ! -z $SEC_TLS_TRUSTDEFAULTCERTS ]; then 
    cp $SNIPPETS_SOURCE/trustDefault.xml $SNIPPETS_TARGET_OVERRIDES/trustDefault.xml  
  fi

The section where it checks for keystore is always adding the keystore if it doesnt exist but it should only populate if it does exist. If the keystore is there, its because I passed the arg at BUILD time then it should populate it.

Always populating it regardless and giving me no option seems like a bug

I believe it should be
if [ -e $keystorePath ]; then

Answer 1 · 2020-11-16T16:48:23.000Z

@arturdzm could you please have a look at this? Thanks.

Answer 2 · 2020-11-16T19:02:02.000Z

When user provides their own keystore.xml and keystore file and build time this will be skipped.

If the user does not provide any keystore information the XML is generated to make sure the password is set and keystore is generated at runtime by Liberty.

Answer 3 · 2020-11-16T19:58:44.000Z

The problem is that in order for it to work I have to provide the key store in a specific location. However, with the cloud vendor I am using I don’t necessarily have control of where I can put the keystone

Answer 4 · 2020-11-16T19:59:30.000Z

Therefore I am not using the configure.sh and would like to switch off the auto adding of the keystore which is not possible