feat: added doc for migrate es to os

[chideat]

Summary by CodeRabbit

• Documentation
  • Added a comprehensive migration guide from Elasticsearch to OpenSearch covering two paths (ES 7.10 → OS 2.x → OS 3.x via snapshot & restore, and ES 8.x → OS 3.x via reindex-from-remote). Includes prerequisites, phased step-by-step procedures, operator/Helm examples, repository/keystore/secret handling, verification and post-upgrade checks, client compatibility notes, monitoring guidance, and operational considerations.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds a new, detailed migration guide describing two migration paths from Elasticsearch to OpenSearch: Snapshot & Restore (ES 7.10 → OS 2.x → OS 3.x) and Reindex-from-Remote (ES 8.x → OS 3.x), with prerequisites, Helm/Operator examples, CLI/YAML steps, credential handling, verification, and client compatibility notes. (≤50 words)

Changes

Cohort / File(s)

Summary

OpenSearch Migration Documentation docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

New comprehensive migration guide (~551 lines) covering ES→OS strategies (snapshot & restore to OS 2.x then upgrade to OS 3.x; reindex-from-remote for ES 8.x→OS 3.x), prerequisites (shared storage, repository-s3 plugin), plugin/version considerations, Helm/OpenSearchCluster CR examples, S3 keystore/Secret handling, snapshot/register/restore and reindex CLI/YAML examples, upgrade/reindex steps, validation checks, client compatibility table, and references.

Sequence Diagram(s)

(omitted — documentation-only changes)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• fanzy618
• tyzhou111

Poem

🐰 I hopped through buckets, snapshots in tow,

Secrets tucked safe where the S3 winds blow.
From ES burrows to OpenSearch gleam,
Indices marched in a careful stream.
🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: adding documentation for migrating from Elasticsearch to OpenSearch.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch migrate-es-to-os

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR adds comprehensive documentation for migrating from Elasticsearch to OpenSearch, covering multiple migration paths depending on source and target versions.

Changes:

• Added detailed migration guide documenting two primary scenarios: ES 7.10 → OS 2.x → OS 3.x using Snapshot & Restore, and ES 8.x/9.x → OS 3.x using Reindex from Remote
• Included step-by-step procedures with configuration examples for plugin installation, S3 credentials setup, snapshot creation, restoration, and cluster upgrades
• Provided client migration guidance with references to official OpenSearch clients for multiple programming languages

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Around line 376-414: The YAML for the Elasticsearch resource has mis-indented
fields under the nodeSet named "default": the config and podTemplate blocks must
be nested under the same list item for nodeSets (the block starting with - name:
default) so that podTemplate and config are children of that nodeSet; fix the
indentation to move config: and podTemplate: beneath the "- name: default" entry
(or remove the empty config: if you don't need it) so the Elasticsearch kind's
nodeSets, config, and podTemplate structure is valid.
- Around line 504-510: Update the reference URLs in the References section so
they use the correct docs.opensearch.org domain: replace
`https://opensearch.org/docs/latest/upgrade-or-migrate/` with
`https://docs.opensearch.org/latest/upgrade-or-migrate/` and
`https://opensearch.org/docs/latest/api-reference/document-apis/reindex/` with
`https://docs.opensearch.org/latest/api-reference/document-apis/reindex/`; also
scan the remaining links in the same list (`Snapshot and Restore`, `Keystore
Management`, `OpenSearch Clients`) and change any
`https://opensearch.org/docs/...` occurrences to
`https://docs.opensearch.org/...` so all reference URLs use the proper domain.
- Around line 126-142: The YAML example redundantly lists the same repository-s3
plugin under spec.bootstrap.pluginsList and spec.general.pluginsList; remove the
spec.bootstrap.pluginsList entry so the plugin is only declared under
spec.general.pluginsList (keep the
https://artifacts.opensearch.org/.../repository-s3-2.19.3.zip line in
spec.general.pluginsList and delete the duplicate under
spec.bootstrap.pluginsList) to avoid duplicate installation and
bootstrap-related reliability issues.

🧹 Nitpick comments (4)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (4)

11-11: Clarify operator version applicability.

The version statement indicates "OpenSearch Operator ~= 2.8.*", but the examples throughout the document use OpenSearch versions 2.19.3 and 3.3.1. Ensure this version constraint accurately reflects the tested/supported operator versions. If the guide supports a broader range of operator versions, consider updating this line.

---

228-234: Consider documenting asynchronous snapshot creation for large datasets.

The example uses wait_for_completion=true, which may cause timeout issues for large clusters. Consider adding a note that users can set wait_for_completion=false and monitor progress separately using the Snapshot Status API for production environments with large datasets.

---

273-280: Use placeholder credentials in documentation examples.

The example uses hardcoded admin:admin credentials. While these are example credentials for documentation purposes, consider using placeholders like <username>:<password> to avoid confusion and prevent accidental copy-paste of insecure credentials in production environments.

📝 Suggested improvement

-curl -k -X POST "https://localhost:9200/_snapshot/migration_repo/snapshot_1/_restore" \
-  -u "admin:admin" \
+curl -k -X POST "https://localhost:9200/_snapshot/migration_repo/snapshot_1/_restore" \
+  -u "<username>:<password>" \
   -H 'Content-Type: application/json' -d'

---

305-313: Consider using jq for more robust JSON parsing.

The sed-based approach to extract mappings (line 306-307) is fragile and may break with formatting changes or unexpected JSON structure. Consider using jq for more reliable JSON manipulation.

🔧 More robust alternative using jq

-# 1. Get the original index mapping and extract the mappings object using sed
-curl -s -X GET "https://localhost:9200/migration_test/_mapping" -u "admin:admin" -k | \
-  sed 's/^{"migration_test"://' | sed 's/}$//' > mapping.json
+# 1. Get the original index mapping and extract the mappings object using jq
+curl -s -X GET "https://localhost:9200/migration_test/_mapping" -u "<username>:<password>" -k | \
+  jq '.migration_test' > mapping.json

This also addresses the hardcoded credentials issue.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8943816 and c91620b.

📒 Files selected for processing (1)

• docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

🧰 Additional context used

🪛 Gitleaks (8.30.0)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

[high] 273-274: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 288-288: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 291-291: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 306-306: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 310-311: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 316-317: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 325-325: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 326-327: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 339-339: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 363-363: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 364-364: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

🔇 Additional comments (3)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (3)

150-211: LGTM! Clear security-focused credential management.

The section correctly emphasizes using keystore/secrets instead of including credentials in API request bodies. The examples for both Elasticsearch and OpenSearch are clear and follow security best practices.

---

344-356: LGTM! Clear upgrade procedure.

The upgrade procedure correctly updates both the OpenSearch version and the matching repository-s3 plugin version. The operator will handle the rolling upgrade automatically.

---

1-510: Well-structured comprehensive migration guide.

This document provides thorough coverage of ES to OpenSearch migration scenarios with clear, actionable steps. The two-phase approach for ES 7.10 migration is well-explained, and the inclusion of client migration guidance adds significant value.

Strengths:

• Clear compatibility warnings preventing common pitfalls
• Comprehensive examples for different deployment methods (Helm, Operator, ECK)
• Appropriate security practices (keystore/secrets over hardcoded credentials)
• Well-organized with logical flow and helpful diagrams

Areas addressed in review comments:

• Technical accuracy improvements (YAML syntax, JSON parsing)
• Documentation best practices (credential placeholders)
• Verification requests for external dependencies

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Around line 70-107: Update the OpenSearch YAML examples to use a boolean for
the S3 path style setting: locate occurrences of the key
s3.client.default.path_style_access in the OpenSearch sections (the examples
that currently set it to the string "true") and change the value to the boolean
true so it matches the Elasticsearch example and the official
OpenSearch/Elasticsearch docs.

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c91620b and c4f81da.

📒 Files selected for processing (1)

• docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

🧰 Additional context used

🪛 Gitleaks (8.30.0)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

[high] 47-47: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 160-160: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 202-202: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 216-216: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 263-263: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 277-277: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 280-280: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 296-296: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 301-301: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 307-307: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 315-315: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 316-316: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 328-328: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 352-352: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 353-353: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 432-432: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 461-461: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 470-470: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 473-473: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

Actionable comments posted: 3

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Around line 407-419: Update the documentation block under the
OpenSearchCluster CR example to add a prominent security warning about
reindex.ssl.verification_mode: "none" and replace the casual note with a danger
callout that states it must not be used in production; then provide secure
alternatives (use proper CA certificates, set verification_mode to
"certificate", or only use "none" for isolated testing) and brief procedural
guidance to export the ES cluster CA, create a Kubernetes Secret with that CA,
mount it into OpenSearch, and configure the truststore path so users can
validate certificates instead of disabling verification.
- Around line 294-303: Replace the fragile sed pipeline (the two sed commands
that strip the outer {"migration_test": ...} and trailing brace) with a jq-based
extraction that parses JSON and writes a correct mappings object to
mapping.json; specifically, use jq to extract the migration_test mappings (e.g.,
.migration_test.mappings) and output that to mapping.json so the subsequent curl
-d `@mapping.json` call receives valid JSON instead of a potentially corrupted
result from sed.
- Around line 248-254: The snapshotRepositories YAML block sets the repository
option readonly as a string ("true"); change the readonly setting to a boolean
true (no quotes) in the snapshotRepositories entry (the migration_repo settings
block) so it conforms to OpenSearch's expected boolean type for the readonly
field.

♻️ Duplicate comments (1)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (1)

179-184: Correct the data type in the configuration guidance.

The note suggests using s3.client.default.path_style_access: "true" (string), but this setting requires a boolean value per OpenSearch documentation. This is inconsistent with line 86, which correctly uses the boolean true.

📝 Corrected guidance

-    - For path-style access: Add `s3.client.default.path_style_access: "true"` (required for MinIO)
+    - For path-style access: Add `s3.client.default.path_style_access: true` (required for MinIO)

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c4f81da and a7cd4c8.

📒 Files selected for processing (1)

• docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

🧰 Additional context used

🪛 Gitleaks (8.30.0)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md

[high] 47-47: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 160-160: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 202-202: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 216-216: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 263-263: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 277-277: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 280-280: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 296-296: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 301-301: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 307-307: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 315-315: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 316-316: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 328-328: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 352-352: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 353-353: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 432-432: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 461-461: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 470-470: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

---

[high] 473-473: Discovered a potential basic authorization token provided in a curl command, which could compromise the curl accessed resource.

(curl-auth-user)

🔇 Additional comments (4)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (4)

16-30: Excellent migration strategy overview.

The table clearly presents the supported migration paths and the critical compatibility notes appropriately warn users about ES 7.10 → OS 3.x limitations and Lucene version incompatibilities.

---

70-107: LGTM!

The Elasticsearch Helm configuration correctly demonstrates plugin installation using an init container approach. The S3 configuration properly uses a boolean value for path_style_access (line 86).

---

487-500: Comprehensive client reference table.

The table provides a complete list of official OpenSearch clients across multiple languages with direct links to their documentation. All URLs correctly use the docs.opensearch.org domain.

---

1-15: Well-structured migration documentation.

The document provides clear organization with version-specific migration paths, comprehensive prerequisites, and step-by-step procedures. The version compatibility matrix and warnings about unsupported paths help prevent common migration mistakes.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Around line 452-458: The example Task ID in the Example Response uses an
unrealistic repeating pattern; replace it with a realistic OpenSearch task ID in
the form node_id:task_number (a single random node string and a numeric task id)
— for example change the value in the JSON example under the Example Response
block to something like "N6q0j8s:123456" or "node123xyz:67890" so the node_id is
not duplicated and reflects the typical node_id:task_number format referenced in
the docs.

♻️ Duplicate comments (1)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (1)

183-189: Inconsistent data type recommendation in note.

Line 187 demonstrates s3.client.default.path_style_access: "true" with quotes (string), but this setting should use a boolean value as flagged in other parts of the document. Update the note to show the correct boolean syntax for consistency.

📝 Suggested fix

     - For AWS S3: Omit the `endpoint` field, or set it to `s3.amazonaws.com`
     - For S3-compatible services (MinIO, Ceph, etc.): Set the endpoint to your server address
-    - For path-style access: Add `s3.client.default.path_style_access: "true"` (required for MinIO)
+    - For path-style access: Add `s3.client.default.path_style_access: true` (required for MinIO)

🧹 Nitpick comments (2)

docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (2)

11-11: Consider clarifying version notation for broader audience.

The ~= symbol and asterisk notation may not be universally understood. Consider adding a brief explanation or using plain language like "compatible with" to improve clarity for readers unfamiliar with semantic versioning shorthand.

📝 Alternative wording

-Applicable Version: OpenSearch Operator ~= 2.8.*, OpenSearch ~= 2.x / 3.x
+Applicable Version: OpenSearch Operator 2.8.x and later, OpenSearch 2.x / 3.x

---

436-449: Note security consideration for embedded credentials in reindex requests.

The reindex from remote API requires credentials in the request body (lines 441-442), which is the standard pattern but has security implications. Consider adding a note recommending that users:

• Use read-only credentials with minimal permissions for the source cluster
• Ensure the request is sent over HTTPS
• Consider using environment variables or mounted secrets instead of hardcoded values in scripts

📝 Suggested security note

Add after line 449:

:::tip Security Best Practice

For production migrations:
- Use read-only credentials with minimal required permissions
- Store credentials in environment variables or Kubernetes Secrets rather than hardcoding
- Ensure the source Elasticsearch cluster endpoint uses HTTPS
- Consider restricting network access between clusters using network policies

:::

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Around line 18-23: The migration table incorrectly implies broad compatibility
for Elasticsearch 8.x/9.x; update the rows for "**ES 8.x | **OS 3.x**" (and any
ES 9.x row referenced) to either remove those ES 8.x/9.x entries or add explicit
caveats: state that OpenSearch is officially compatible only with ES 7.10, that
reindex-from-remote is an AWS OpenSearch Service-specific workaround (or limited
feature), and that migrations from 8.x/9.x require validation and extra steps
(e.g., "AWS OpenSearch Service only" or "requires additional validation per your
setup") so readers aren’t misled about direct compatibility.

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In
`@docs/en/solutions/ecosystem/opensearch/How_to_Migrate_from_Elasticsearch_to_OpenSearch.md`:
- Line 87: Remove the stray double-quote at the end of the instruction string in
the sentence that reads "Update `values.yaml` on the **Custom** input textarea
with the following content":" — edit that sentence in
How_to_Migrate_from_Elasticsearch_to_OpenSearch.md (the line containing the
phrase Update `values.yaml` on the **Custom** input textarea with the following
content) to remove the trailing quote so it ends cleanly (e.g., ...with the
following content:).